Description

This package provides support for managing Security Operations in the enterprise through processes of Breach Reporting and Security Incident management. Version 1 of the application consists of the following components:

  • A Breach Report entity process used as a first step in capturing potential security concerns.
  • Breach reports can be submitted by employees through the use of a dedicated Breach Report Catalog Offering that is exposed for self-service access through the SMAX Portal.
  • Investigation of a breach report may lead to escalation to a Security Incident, which is a process designed specifically to quickly eliminate current risk and then follow-up by taking more permanent change measures to ensure the security vulnerability is removed completely.
  • While handling the security incident, a related Change using a Security Change Model can be created for proper assignment and implementation of the permanent security vulnerability corrective actions.
  • Finally, employees can be notified of security measures, concerns, risks, or actions through the publication of News bulletins using a Security News Model that provides an appropriate template to document all the relevant details.

With v2 of the package, we enhanced the app to be NIST compliant by adding the following new functionality:

  • The former Breach Report process has been renamed as Breach Event to better align with NIST terminology
  • New Comment Stakeholders added to allow tracking of updates and comments
  • Security Media Bulleting model to handle the process of publishing externally facing bulletins th
  • Following NIST guidance, enhanced Incident assignment logic
  • New Incident Stakeholders with proactive notifications allow the registration of multiple people that must follow the status of the security incident
  • New Security Incident Reporting Source enumeration allows tracking of NIST specified sources of the Incident
  • Enhanced Containment Phase instructions specify NIST recommended details that must be documented within the incident
  • Expanded documentation provides specific details on the alignment of the SMAX SecOps applications and the specifications provided by NIST for security handling.

Releases

Release: Security Operations (SecOps) 2.0
Size: 1.9 MB
Date: Aug 20, 2019
Product compatibility
Version 2019.05 · 2019.08 · 2019.11
Version 2020.02 · 2020.05 · 2020.08 · 2020.11
Version 2021.02 · 2021.05 · 2021.08 · 2021.11
Version 2022.02 · 2022.05 · 2022.11
Version 2023.05
Release notes

What is new in Version 2

The latest version of the SecOps application introduces enhancements to align with the NIST (National Institute of Standards and Technology) best practice specifications for Security Incident processes.

Changes introduced since version 1 to align with NIST include:

  • The former Breach Report process has been renamed as Breach Event to better align with NIST terminology
  • New Comment Stakeholders added to allow tracking of updates and comments communicated with further types of stakeholders, such as Law Enforcement, Media, and Customers
  • Security Media Bulleting model has been added to handle the process of publishing externally facing bulletins that alert the media about public facing security issues. The model includes formal review/approval and publication workflows
  • Following NIST guidance, enhanced Incident assignment options to allow coverage by
  1. Security Group – Owns the governance and approval of the incident
  2. Assignment Group - Currently assigned to work on the ticket. This may point to an Internal or Vendor/Supplier group.
  3. Expert Group - May provide additional expert support or assistance
  • New Incident Stakeholders many-to-many relationship allows the registration of multiple people that must follow the status of the incident
  • New Stakeholder Notification template and business rules ensure all people registered as Stakeholders are notified when the incident status changes
  • New Security Incident Reporting Source enumeration allows tracking of NIST specified sources of the Incident, such as Manual reporting or automatic detection by Monitoring, Event, Anti-virus software, etc.
  • Enhanced Security Vulnerability and Security Impact enumerations provide further NIST specified standard values
  • New Security Recoverability enumeration flags the type of recovery that can be performed in relation to the resources impacted by the security incident
  • Enhanced Containment Phase instructions specify NIST recommended details that must be documented within the incident, such as the containment strategy, attack evidence, attacking hosts, etc.
  • Expanded documentation provides specific details on the alignment of the SMAX SecOps applications and the specifications provided by NIST for security handling.

Please note:

If you are importing this version 2 over an existing version 1, you need to re-apply any modifications you have made to v1 of the SecOps app.

Languages
English
Release: Security Operations (SecOps) 1.0
Size: 2.0 MB
Date: Jun 7, 2019
Product compatibility
Version 2019.05 · 2019.08 · 2019.11
Version 2020.02 · 2020.05 · 2020.08 · 2020.11
Version 2021.02 · 2021.05 · 2021.08 · 2021.11
Version 2022.02 · 2022.05 · 2022.11
Version 2023.05
Release notes

This newly created application provides support for managing Security Operations in the enterprise through processes of Breach Reporting and Security Incident management. The applications consist of the following components:

  • A Breach Report entity process used as a first step in capturing potential security concerns.
  • Breach reports can be submitted by employees through the use of a dedicated Breach Report Catalog Offering that is exposed for self-service access through the SMAX Portal.
  • Investigation of a breach report may lead to escalation to a Security Incident, which is a process designed specifically to quickly eliminate current risk and then follow-up by taking more permanent change measures to ensure the security vulnerability is removed completely.
  • While handling the security incident, a related Change using a Security Change Model can be created for proper assignment and implementation of the permanent security vulnerability corrective actions.
  • Finally, employees can be notified of security measures, concerns, risks, or actions through the publication of News bulletins using a Security News Model that provides an appropriate template to document all the relevant details.
Languages
English
Files
(132.9 KB)
