Cimcor - Building an Improved Face of Cybersecurity
The rapid pace of malware and technology evolution is one of the looming challenges many organizations face when it comes to managing their cybersecurity. Currently, over 1.3 million new threat variants are coming up daily. Helping organizations cope with zero-day exploits and malware trends requires constant innovation and a culture of continuous learning to be successful within the ever-changing threat landscape. Just like how Cimcor— a leader in developing innovative security and integrity software solutions—ensures a secure environment for its clients. “Our continuous efforts and desire for innovation has created a corporate culture enabling us to improve security and compliance with software that can provide users with change detection and reconciliation in real-time,” Robert Johnson III, President & CEO, Cimcor.
The CimTrak Integrity product line was created to allow corporations to ensure that critical systems continue to operate appropriately, despite cyber threats or even human error. With an automated detection process, flexible response options, and auditing capabilities, CimTrak is powerful compliance, information assurance, and security platform for both commercial and government organizations. The company’s tech stack is centered around C/C++, Angular, and Go. Moreover, all of the communications and data at rest is encrypted and compressed via FIPS 140-2 certified cryptographic methods and TSL 1.2.
CimTrak Integrity Suite provides a comprehensive integrity management platform that enables an automated workflow to uniquely detect unknown, unwanted, and unauthorized changes on everything from Servers, workstations, network devices, active directory/directory services, databases, POS systems, containers, hypervisors, cloud services, and more. If and when unwanted change occurs, CimTrak can roll back and remediate to any number of trusted baselines or reference points if it stores the necessary and trusted files to restore. Furthermore, CimTrak can prevent changes on those files, directories, and configurations that should never be changing, thus preventing integrity drift and mitigating ongoing security, compliance, and operational risk.
In short, CimTrak’s ability to monitor and manage from a trusted or expected state of operation gives a unique ability to pinpoint and identify the change that is unknown, unauthorized, and unexpected. In any of these three cases, CimTrak can highlight with clarity for an IT manager to accept or deny these changes as trustworthy or not. If the action is to deny, CimTrak can manually or automatically roll back to a previously known and trusted state of operation. Furthermore, CimTrak can also classify and deny files and directories as to never change.
Adopting this integrity assurance strategy can drastically impact the industry average of mean-time-to-identify (MTTI) and mean-time-to-contain (MTTC) security breaches and incidents of 207 and 73 days respectively down to a matter of seconds. “No other single security technology can have such a dramatic impact and effect on the security and risk profile of an organization as CimTrak can! All of our communications and data at rest are encrypted and compressed. A unique multi-protocol support allows us to connect and monitor a range of servers, network devices. Our focus on application portability has enabled us to tightly monitor Windows, Linux, Solaris, AIX, macOS, and HP-UX,” adds Johnson.
Since opening its doors in 1997, Cimcor has expanded the scope of its product line beyond manufacturing & utilities to meet the needs of the broader enterprise and rapidly growing cloud infrastructures. An instance that highlights the company’s value proposition is when the team assisted Zoom to align with best practices for a stronger security posture, automate busywork, and mitigate cyber risk. They wanted FedRamp & SOC 2 compliant in two different environments (federal and commercial), required real-time monitoring and notification and integration with ticketing, file reputation services, and file white-listing service. The CimTrak Integrity Suite was chosen as the software met every scope and criteria for all technical, compliance, and manageability requirements for 7k servers.
Today, the company’s vision is straightforward, identify, protect, detect, respond, and recovery to security events with foundational controls specific to change and configuration best practices. “We envision two major shifts in the enterprise IT space including a continued shift of IT infrastructures into the cloud, and an increase in hybrid cloud/brick-and-mortar infrastructures. The other shift is the dramatic increase in IoT and Industrial Internet of Things (IIOT) devices. CimTrak is uniquely positioned to help protect assets both within the enterprise and in the cloud,” concludes Johnson.