Cimcor: Comprehensive Real-Time Security for IT Systems

CIO VendorRobert E. Johnson III, President & CEO
The rapid evolution of cyber threats is creating security challenges in spite of the fact that many corporations have world-class security processes in place. For instance, the independent lab, AV-Test indicates that it currently catalogs 390,000 new strains of malware every day. Modern cyber criminal’s new found level of planning and patience to plant malicious software on systems is maximizing the impact. Malware is being produced at such a voracious pace, it is becoming increasingly difficult for security vendors to scale and provide tools that can identify and respond to these threats. Indiana based, Cimcor, Inc. embodies the combination of innovation and simplicity in developing security software that remains effective, even against latest threats and attacks.

In contrast to many signature-based security products, CimTrak—a comprehensive security, integrity and compliance application, focuses on ensuring that servers, network devices, and other components of the IT infrastructure are exactly in the same expected state. This capability is made possible by the advanced authoritative baseline that CimTrak creates and maintains for each server, workstation, network device, or IT component that is being monitored. “We created CimTrak because we felt that the predominant methods of securing systems, based on malware fingerprints, were largely ineffective and would not scale well over time,” says Robert E. Johnson III, President & CEO, Cimcor, Inc.

The core mission of the CimTrak Integrity Suite is to provide enterprises with deep insight and knowledge of all changes within their infrastructure, with the ability to detect changes in real-time. CimTrak provides detailed information such as, when the change was made, who made the change, what process/program was used to make the change, and other forensic information.

CimTrak can help an organization improve their security posture by proactively monitoring the integrity of VMWareESXi hosts configurations, Active Directory/ LDAP attributes, router/switch/firewall configurations, virtual network settings, users and groups, registry entries, and much more. CimTrak can even identify unanticipated changes to Oracle, MySQL, Microsoft SQL Server, and IBM DB2 database schemas.
Unique in integrity monitoring product space, the tool also includes proactive features, such as the ability to prevent specified system directories from being monitored, and the ability to automatically self-heal systems in the event of an unexpected change. “Our audit trail is so sophisticated that it can be used to restore a file to a previous state, even if it wasn’t hacked or altered in a malicious way,” says Johnson. If the customer so desires, CimTrak can even be configured to monitor if a person simply "looks" at a file. This obviously has significant implications for assisting the intelligence communities and other organizations that handle sensitive information.

In an implementation highlight, an organization that must be PCI Compliant had just deployed servers into the cloud and they wanted to ensure that the servers had not been changed. CimTrak was deployed on all the servers in the cloud and all these cloud-based servers were configured to report back to a single CimTrak Management Server located in their physical infrastructure. The CimTrak Integrity Suite provided the customer with the best of both cloud and on-site topologies. CimTrak has complete support for Amazon Linux AMI for AWS, Google Compute Engine, Microsoft Azure, OpenStack, and many other cloud platforms.

Our audit trail is so sophisticated that it can be used to restore a file to a previous state, even if it wasn’t hacked or altered in a malicious way

Moving ahead, while Cimcor can robustly monitor most SCADA systems, the plan is to extend that level of monitoring to Programmable Logic Controllers and other control systems. In addition, the firm is expanding their change monitoring capabilities to more application-specific data such as EMR systems, ERP systems, CMS and more. “Furthermore, we will be extending the architecture to monitor changes and threats for the growing segment of IoT that is rapidly expanding their footprint on enterprise networks,” adds Johnson.


Merrillville, IN

Robert E. Johnson III, President & CEO

Provides innovative security and integrity software solutions.