Real-Time FISMA Compliance Monitoring
At the core of FISMA are NIST special publications 800-53 and 800-92. These publications identify how government agencies will make use of security controls to ensure the confidentiality, integrity and availability of their IT computing resources. FISMA is categorized into different control names, such as AC-7 Unsuccessful Login Attempts or SI-3 Malicious Code Protection. A majority of the FISMA requirements can be monitored or audited by leveraging Tenable's Unified Security Monitoring solution, often in multiple ways.
As an example, requirement AC-7 Unsuccessful Login Attempts can be monitored both with Nessus and Tenable's Log Correlation Engine (LCE). Nessus configuration audit policies can ensure that systems are correctly logging unsuccessful login attempts. The LCE can also be used to log all successful logins, login failures and generate appropriate alerts. LCE login failures are normalized across all applications and network devices, not just operating systems.
Tenable has written a short white paper that shows the many different ways our logging, scanning and network monitoring technologies can be leveraged to monitor government networks for FISMA compliance.