Introduction
The Sarbanes-Oxley Act (SOX) came into force in July 2002 and introduced major changes to the regulation of corporate governance and financial practice. By mandating the requirements for reliability and usefulness of financial reporting, SOX is designed to renew investor’s trust and understanding of public corporation financial reporting.
The SOX Act provides specific details on IT and IT security including any computers, network hardware, and other electronic equipment that financial data passes through. The Act helps to ensure that proper controls are in place to prevent data breaches, prevent unauthorized users from viewing sensitive financial information and have tools ready to remediate incidents should they occur.
An independent external SOX auditor is required to review controls, policies, and procedures during a Section 404 audit and the audit requires all financial reports to include an Internal Controls Report. This shows that a company’s financial data are accurate (within 5% variance) and adequate controls are in place to safeguard financial data.
SOX auditing requires that “internal controls and procedures” can be audited using a control framework like COBIT. Log collection and monitoring systems must provide an audit trail of all access and activity to sensitive business information.
Request My Demo
Alert Logic Solutions
Using Alert Logic solutions, companies can implement a broad range of regulatory and industry security standards (such as SOC 2, PCI DSS, HIPAA, SOX, and GDPR) with less complexity, and at a fraction of the total cost and time of traditional security tools. Alert Logic integrates cloud-based software, analytics and expert services to assess, detect and block threats to applications and cloud environments to improve your security visibility and compliance programs. We focus on the threats most relevant to cloudhosted applications by defending each layer of your application and infrastructure stack against hard-to-detect web application attacks. Integrated expert services augment your in-house security team by monitoring your cloud workloads and environment 24/7. Analyst investigate alerts and contact you within 15 minutes if we detect suspicious activity such as: unauthorized access, exposure or modification of accounts, controls or configurations. Reduce your risk of attacks with continuous. Vulnerability scanning and configuration inspection of your applications and cloud environments.
- Quickly respond to attacks and post-breach activities with distributed IDS sensors that provide full packet inspection and real-time alerts.
- Protect customer data from network and OWASP Top 10 attacks with web application scanning and web application firewall technologies.
- Prepare for audits, anytime with the event and log data you need for automated alerts, audit trails and easy access for reporting and audits, stored in our secure SSAE 16 Type 2 audited data centers for as long as you need.
- Free up resources with ActiveWatch™ experts for daily log reviews and 24/7 event and threat monitoring.
Alert Logic maintains strict compliance with internal and external regulatory requirements for our IT operations and services, including: PCI DSS 3.2 Level 2 Audit, AICPA SOC 1 & 2 Audit, and ISO 27001-2013 certification for UK Operations.
Alert Logic SOX Solutions Mapping
The integrated services that make up Alert Logic address a broad range of SOX requirements to help you prevent incidents that threaten the security, availability, integrity and privacy of financial and customer data.
| SOX 404 | MDR ESSENTIALS | MDR PROFESSIONALS | MDR ENTERPRISE |
| DS 5.9 Malicious Software Prevention, Detection and Correction |
◉ |
◉ | ◉ |
| DS 5.5 Security Testing, Surveillance and Monitoring DS 5.6 Security Incident Definition DS 13.3 IT Infrastructure Monitoring |
◉ | ◉ | |
| AI3.2 Infrastructure resource protection and availability | ◉ |
| ALERT LOGIC | SOX 404 |
ALERT LOGIC MDR ESSENTIALSVulnerability & Asset Visibility
|
DS 5.9 Malicious Software Prevention, Detection and Correction |
ALERT LOGIC MDR PROFESSIONAL24/7 Managed Threat Detection and Incident Management(Includes Essentials)
|
DS 5.5 Security Testing, Surveillance and Monitoring DS 5.6 Security Incident Definition DS 13.3 IT Infrastructure Monitoring |
ALERT LOGIC MDR ENTERPRISEDesignated Security Expert(Includes Essentials)
|
AI3.2 Infrastructure resource protection and availability |
Demonstrate SOX Compliance Preparedness
Alert Logic ingests AV logs and analyzes them to provide key insights for alerting and Security Operations Center (SOC) support, such as:
- Detection of known hack tools such as pwdump, wincred, and mimikatz whose presence is highly correlated with malicious post-compromise activity.
- Detection of writing to privileged locations on the local system, which is indicative of a user or malware with administrative privileges – often a later stage action in the attack cycle.
Monitor the infrastructure for security-related events
Alert Logic provides Interactive reports that provide convenient access to analysis, statistics, and trending data. The Incident Analysis report group provide valuable insights and trending data for incidents.
- Incident Daily Digest – Threat status of your infrastructure from incidents detected on the previous day for the selected detection types.
- Incident Daily Digest Trends – Histogram chart that allows you to focus on how your threat landscape of detected incidents has evolved within the specified date range.