Use cases

Security Audit

Security audit is an effective security assessment and maintenance tool that usually covers risks, current security robustness, regulatory compliance, and other cybersecurity aspects. The security audit may reveal and provide business-critical details on weaknesses in various segments of an enterprise IT infrastructure. The audit requires not only an end-to-end approach, but also the most straightforward and comprehensive audit tools in order to conduct assessments with minimum or no engagement of third-party organizations. RedCheck tackles a wide range of audit tasks without any assistance and provides an unbiased picture of security landscape.

The security audit by RedCheck includes the following checks:

RedCheck use-cases
Objectives RedCheck job types
Vulnerability scanning Vulnerability audit
System configuration assessment, including cybersecurity compliance Configuration audit
DBMS audit
Resource inventory Inventory taking
Configuration and file integrity control File integrity monitoring
Comprehensive approach Combination of various types of jobs and report analysis

Security Level Monitoring

In addition to resilience, fault tolerance and performance, security is a paramount indicator for IT system efficiency. Although continuous and reliable system protection is a must, no human being can remember gigabytes of data related to system parameters and relevant safeguards. This is why RedCheck is an ideal assistant when it comes to your enterprise network administration and security.

Measures RedCheck approach
Identification of unauthorized hardware and software Scheduled inventory jobs.
Control activated
Control over secure OS and app configurations Configuration audit jobs.
Control activated
Continuous vulnerability assessment and elimination Vulnerability audit jobs.
Vulnerability elimination using Path Manager.
Re-audit and incremental reporting
Timely installation of security updates Scheduled updates audit.
Installation of updates using Path Manager and incremental reporting
Network port restrictions and control Port scanning jobs Report generation
Incident response Assessment (report) history analysis

International, national and industry standards compliance

Many organizations handle confidential information and thus must comply with a variety of international, national and industry standards, such as USGСB, GLBA, SOX, HIPAA, PCI DSS, NERC, EUDPD, etc. Such compliance is not an easy task, especially during a long system security lifecycle.
RedCheck provides a complete insight into IT infrastructure security, thus enabling compliance checks and even providing system setup recommendations.
As part of its basic delivery, RedCheck assesses compliance with PCI DSS, USGCB and other standards. With the security configurations available in RedCheck, a company can interpret requirements and monitor compliance at the level of operating systems and application software that are part of IT systems.
SCAP, an open protocol being supported, allows users to upload any compliance policies to the scanner or develop custom ones.

See examples

International, national and industry standards compliance

ISO / IEC 27000 standard

Assessment tool for information security management system

RedCheck is a useful tool for the implementation of control objectives and controls within
ISO / IEC 27000 standard series. The following table presents the main list of controls
effected by using RedCheck. In fact the list of RedCheck applications in a context of ISO / IEC
27000 compliance is much wider.

ID Name of control, objective or control RedCheck function/task How to make compliance
A.6.2 Mobile devices and teleworking Control of «Inventory» task Create «Inventory» task without connected mobile devices.
Make control of created task.
Real-time control of connecting mobile devices by using of e-mail notifications.
A.8.1.1 Inventory of assets «Inventory» task Create «Inventory» task.
Create reports formed from task.
A.9.1.2 Access to networks and network services «Port scan» task Create «Port scan» task.
Remove the fixed problems of unregistered using od network services.
A.9.4.3 Password management system «Password bruteforce» task Create « Password bruteforce » task.
Remove the fixed password complexity problems.
A.12.2 Protection from malware Compliance audit Create «Compliance audit» task by using of «Anti-malware» configuration.
Remove the fixed security problems.
A.12.5 Control of operational software Control of «Fixation» task Create «Compliance audit» task by using of «Anti-malware» configuration.
Remove the fixed security problems.
Create «Fixation» task in etalon environment.
Make control of created task.
Real-time integrity control by using of e-mail notifications.
A.12.6 Technical vulnerability management Vulnerabilities audit Create «Vulnerabilities audit» task.
Create reports formed from task.
Analyze report data. Get information about how to troubleshoot vulnerabilities.

Try it now!


adminUse cases