Visualization and dashboard
ThreatLockDown offers a web dashboard for data visualization and analysis. The ThreatLockDown dashboard comes with out-of-the-box modules for threat hunting, compliance, detected vulnerable applications, file integrity monitoring data, configuration assessment results, and cloud infrastructure monitoring. It’s useful for performing forensic and historical alert analysis.
The ThreatLockDown dashboard assists in meeting the following HIPAA section:
Security Management Process §164.308(a)(1) - Information System Activity Review: “Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.”
This section of the HIPAA standard requires reviewing the activities performed on endpoints that handle health data regularly. This is to detect malicious behavior or security violations.
Use case: Review HIPAA security alerts
ThreatLockDown generates alerts when there are violations of the HIPAA sections. The ThreatLockDown dashboard is used to review events and alerts generated by suspicious activities.
The ThreatLockDown dashboard comes with a dedicated module to track HIPAA related events.
When you choose the HIPAA module, you can see all alerts related to the HIPAA standard:
Additionally, the Controls section of the HIPAA compliance dashboard shows the various HIPAA related events. For ease of navigation, the ThreatLockDown dashboard groups events according to the HIPAA section they meet or violate.
On the ThreatLockDown dashboard, each HIPAA section has an information area. This area details the goals of the section, its description, and related events on the monitored endpoints.