Danny Johnston, group president of Gladiator Technology Group, said, âGladiator is constantly striving to improve our Vault functionality, reports, and product based on constructive customer feedback. Both of these new enhancements were designed to provide our financial institution clients with a valuable audit trail regarding their security event activity.â
Karen Crumbley, product manager for Gladiator Technology Group, added, âThe ideas for these new enhancements were born from the Gladiator Advisory Council meeting hosted this past spring. We invited existing clients to Atlanta to share information regarding industry trends, discuss product offerings, and gather important customer feedback regarding Gladiator services.â
According to Ben Murphy, Gladiator Technology Groupâs vice president of security operations, âThe new Client Notes enhancement is a tool our customers requested to provide an audit trail that documents their organizational responses to high- and medium-level security incidents as they occur and are detected by Gladiatorâs 24x7x365 Security Operations Center. If a client receives a report from the Gladiator Security Operations Center regarding an aggressive port scan against their firewall, the ISO might determine that this activity is related to a valid external penetration test. The ISO can then log into the Vault and add a note to the security ticket documenting that it was related to a valid external penetration test. When the ISO reviews the report with the bankâs technology committee or an examiner, he will not have to rely on memory to recall what was done with the incident since notes explaining the activity will be included within the ticket. In addition, the notes will appear in the monthly comprehensive report and on-demand technology committee report under the security operations center ticket sections.â
Gladiatorâs new eISO product is another valuable tool for ISOs that enables them to track their review of the daily security activity summary. ISOs receive a daily summary e-mail and they can acknowledge receipt of the data after reviewing the information, creating a record in the database that can be used for reporting purposes. âOur goal for this product is to provide an audit trail for internal use as well as a tracking tool that demonstrates to examiners that this activity is being overseen,â said Murphy.
Crumbley further explained, âGladiatorâs eISO product consists of four main components â the daily e-mail, the daily activity summary, the monthly report, and the report archive. The daily activity summary is the heart of the product and contains valuable data regarding security event details categorized into high, medium, and low risk categories, as well as summaries by security layer.â
âThe Client Notes and the eISO enhancements were designed around our customersâ needs and demonstrate how Gladiator Technology Group is making it easier for our customers to track and oversee their security event activities,â concluded Johnston.