

Easily Meet Compliance Requirements with SIEM
Avoid costly fines and penalties by meeting compliance requirements, including GDPR, HIPAA, and PCI-DSS, right out of the box. With Difenda Managed SIEM, compliance requirements related to cybersecurity, data security, and breach reporting can be much easier for organizations to meet.
ISO 27001 is the international gold standard for information security management. Difenda M-SIEM can help you comply with:
- A.12.4.1 – Protect, keep, and review event logs recording user activities.
- A.12.4.2 – Protect log facilities and information from tampering and unauthorized access.
- A.12.4.3 – Protect, keep, and review system administrator and system operator activities.
- A.12.4.4 – Establish a single reference time source for the security domain.
SOC 2 is a voluntary compliance metric that identifies whether a business’s systems comply with the relevant trust principles and how operationally efficient those systems are.
- CC7.2 – POF – Ensure systems and processes used to process data are accurate, complete, timely, and authorized.
NIST 800-53 is a technical standard that details U.S. government procedures, policies, and guidelines on information systems and cybersecurity. Difenda M-SIEM can help you comply with:
- AU-1, AU-2, AU-3, AU-4, AU-5, AU-8, AU-11, AU-12, AU-9 – Organizations must develop, document, and disseminate a formal access control policy to personnel, which includes roles, responsibilities, management commitment, and compliance. Businesses must also review and update the access control policy periodically.
- AU-6, AU-7, AU-9, PE-6, PE-8, SC-7, SI-4 – Protection of specified audit information and access control for sensitive information.
- AU-12 – Generate audit records for events as defined in your audit policy and procedures.
PCI DSS is a regulatory requirement designed to protect against payment card fraud and data breaches. Difenda M-SIEM can help you comply with:
- 10.2, 10.1, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.2.7, 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6 – Implement automated audit trails for all system components to reconstruct events and secure them so they cannot be altered. Record the user identification, type of event, date and time, success or failure indication, and origin of the event for all system components for each event. Retain and review logs for all system components at least daily.
- 10.5, 10.5.1, 10.5.2, 10.5.3, 10.5.4 – Secure audit trail files to prevent unauthorized access and modifications. Back up audit trail files to a centralized log server.
- 10.4, 10.4.1, 10.4.2, 10.4.3 – Synchronize all critical system clocks and times to a reliable time source and implement controls to prevent unauthorized modification of these clocks.
The CIS Top 18 is a prioritized set of actions developed by the Center for Internet Security (CIS) that organizations can take to improve their cybersecurity posture. Difenda M-SIEM can help you comply with:
- 6 – Maintenance, Monitoring, and Analysis of Audit Logs
- 16 – Account Monitoring and Control
- 19 – Incident Response and Management