nCircle announced its Configuration Compliance Manager 5.13. This release adds the ability to audit MySQL and Microsoft Windows Server Internet Information Services (IIS) 7 configurations, updates PCI support to Windows 7, and adds new DISA STIG policies for IIS7 and Solaris 10.


Auditing the configurations of IT systems, and monitoring changes in those configurations, is a critical step in reducing security risk and achieving compliance. nCircle Configuration Compliance Manager automates configuration auditing, and changes monitoring and configuration compliance processes, providing a clear picture of system configurations and the impact of configuration changes on compliance.

Configuration Compliance Manager utilizes a completely agentless architecture, requiring no software installation on monitored endpoints. Agentless monitoring dramatically reduces deployment costs and makes it possible to profile every device on the network, delivering the most comprehensive coverage and the lowest cost of ownership.

Configuration Compliance Manager includes a rich library of policies based on standards and benchmarks from NIST, Center for Internet Security, DISA and Microsoft, as well as policies for specific regulations, such as PCI, Sarbanes-Oxley, HIPAA, USGCB and NERC.

“With Configuration Compliance Manager 5.13, nCircle extends coverage for two of the most important technologies in the enterprise: databases and web servers,” said Tim Erlin, director of product management and IT risk and security strategist for nCircle. “The addition of MySQL auditing and the corresponding CIS policy allow customers to audit a critical enterprise application. Microsoft IIS 7 coverage, including the DISA STIG policies, extends Configuration Compliance Manager's web server auditing capabilities to help protect the underlying infrastructure behind many of the most critical enterprise applications.”

With over 65,000 downloads per day, MySQL is the one of the most popular open-source databases. MySQL provides a reliable, affordable, easy to use solution for a wide range of database applications. Configuration Compliance Manager 5.13 adds MySQL support and four CIS-certified MySQL policies, enabling customers to audit for a wide range of best practice standards in order to improve security, ensure integrity and meet regulatory compliance requirements.

Web servers are targeted and attacked by cyber criminals more frequently than any other system on an organization’s network. Microsoft IIS runs on over 84 million domains around the world and is used extensively in the enterprise. Configuration Compliance Manager 5.13 allows organizations to scan IIS7 configurations for a wide range of best practice standards to effectively manage security risks and increase compliance on these critical assets.