Explore Use Cases

Enable your teams to manage rapid change with IT configuration change management.

Change Activity Monitoring

Managing change is the key to driving business agility. The configuration throughout your environment, across all devices and systems, are the code or DNA to your organization. Most organizations today are completely blind to all the changes that occur, whether planned/authorized, unplanned/ad-hoc, or worse a security Indicators of Compromise (IOC). SIFF provides the ability to monitor changes across all your devices and systems to help:

Troubleshooting & Repair

85% of IT incidents are caused by configuration errors. Visibility to configuration changes is essential to accelerate problem identification and repair. SIFF provides the ability to quickly search for relevant configuration changes and view the difference and history associated with those changes.
Unified Configuration Monitoring Across All Silos
Large organizations naturally have separate domain of expertise for various technology functions within their environment. The challenge however is to avoid limiting information only to the individual silos. As modern business services increasingly become more and more distributed, with inter-dependencies crossing many technologies (containers, VMs, hybrid-cloud, software-defined networks, vlans, etc), it is essential to have visibility and quickly determine how simple configuration changes can drastically impact other services and cause major critical outages.

Configuration Search & Reporting

A common task of looking up configuration details can be more time consuming than it seems. You need to connect to the device or system, use the appropriate access credentials, navigate to the right files and/or use the correct commands to display the configuration details. Now add multiple devices and systems, different vendors and technologies – it’s easy to become bogged down in the legwork rather than accomplishing the task at hand. SIFF makes this simple – users can simply search for any configuration details across their entire environment as though they’re searching Google.
Security-IOC-Search-Reporting
Centralized-Config-Repository-Versioning

Centralized Configuration Repository & Versioning

The promise of a centralized configuration repository or CMDBs have been around forever. Current approaches however lack the actual configuration details necessary for it become useful. Most CMDBs implementations are often adopted as CI references for ITIL processes while providing rudimentary asset information (e.g. CPU, Memory, etc). SIFF provides a configuration repository that contain actual configurations from ALL devices and systems, that can be easily searched, reported and acted upon.

Configuration Audit, Reporting & Historical Logging

Collecting and analyzing configuration details is a common activity for any security and IP policy audits. Compiling all the necessary details can be a time consuming task. From simple operational queries (e.g. reviewing if MySQL max_connections is too high), to more extensive analysis (e.g. are there any servers listening to ports outside the permitted list), SIFF makes this easy.

Asset Inventory & License Audit Reporting

Hardware and software asset inventory reporting are routine tasks that are performed on a regular basis. SIFF simplify these common tasks while also supporting advanced searching and reporting that may be needed for complex license audits

Configuration Policy & Compliance Monitoring

For large organizations with governance teams, monitoring configuration policy compliance can be an exhaustive task. Most do not have any means to monitor or ensure compliance to these policies. For example don’t deploy application services without updating the default passwords, don’t add users to these servers, make sure the cloud storage is not open to the public, etc. SIFF provides the ability to define and automate configuration compliance monitoring to enable the governance team to proactively ensure the safety of the organization

Change Management Review & Analysis

The Change Management process is an essential best practice that helps minimize the number of errors that are introduced into the environment. Any work should be planned and approved with a Change Request before it is executed. The processes that are implemented in most organizations, however, frequently neglect the critical step of reviewing the work that was done. More precisely, the configuration changes that occurred as part of that work. This review allows any errors, omissions, side-effects / impact to be discovered early before a major outage occurs. Post-implementation reviews are often skipped because of the tedious work to collect all the configurations that were changed and due to how time-consuming it can be to identify all the differences within each of them. SIFF makes this easy by utilizing a number of strategies to automatically associate configuration changes to their respective Change Requests.

Authorized & Unauthorized Change Visibility

Without visibility to change activity throughout the environment, it is challenging to distinguish between approved configuration changes and ad-hoc changes. This lack of configuration monitoring makes it easy for intruders to hide, and difficult for teams to detect any changes that the intruder may have implemented. SIFF, together with the enhancements to the change management process, can help provide the necessary visibility and control to config changes that occur in your environment.

Security Forensics
Once an intrusion has occurred, how do you quickly determine what has been compromised? What has been changed? SIFF provides the essential historical logging and versioning of all configuration information needed by the security team to determine the appropriate Course of Action (CoA).

Security IOC Search & Reporting

A new vulnerability has been announced. How do you find out which of your systems or devices that may be susceptible? These could be specific compromised files or system / application versions, or simply bad configuration settings. SIFF makes it easy to search and report on the systems and devices that need action.
Security-IOC-Search-Reporting
Contact Us
Forget the complex installs and configs, get started with SIFF Collector in your environment in three easy steps.