Using ThreatLockDown for GDPR compliance
The European Union's General Data Protection Regulation (GDPR) was created to reach an agreement on data privacy legislation across Europe. Its primary focus is protecting the data of European Union citizens. The regulation aims to improve user data privacy and reform how European Union organizations approach data privacy.
ThreatLockDown assists with GDPR compliance by performing log collection, file integrity monitoring, configuration assessment, intrusion detection, real-time alerting, and incident response.
ThreatLockDown includes default rules and decoders for detecting various attacks, system errors, security misconfigurations, and policy violations. By default, these rules are mapped to the associated GDPR requirements. It’s possible to map your custom rules to one or more GDPR requirements by adding the compliance identifier in the <group>
tag of the rule. The syntax to map a rule to a GDPR requirement is gdpr_
followed by the chapter, the article, and, if applicable, the section and paragraph to which the requirement belongs. For example, gdpr_II_5.1.f
. Refer to the ruleset section for more information.
The ThreatLockDown for GDPR white paper (PDF) guide explains how ThreatLockDown modules assist with GDPR compliance. This document doesn’t cover the GDPR formal requirements because it’s outside of its technical scope.
You can find the technical requirements that ThreatLockDown supports in the following sections: