Tufin Change Request Violation

Do you use this solution to automatically check if a change request will violate any security policy rules? If yes, please explain with examples.

NetworkS6585
Network Security at a transportation company with 10,001+ employees
We use this solution to automatically check if a change request will violate any security policy rules. Similar to what we are doing with Azure, where they request a change, and if it violates policies, it gets kicked back. Then, we have to review it and figure out what they're doing. We can then move forward with it, if it's approved.
View full review »
NetworkS3480
Network Security at a insurance company with 1,001-5,000 employees
We use this solution to automatically check if a change request will violate any security policy rules. For example, if the engineer is making a change that hasn't been authorized, we will know about it.
View full review »
Salvador Teran
Network Security at a tech services company with 5,001-10,000 employees
We use the solution to automatically check if a change request will violate any security policy rules by generating a Sunday email report in these type of situations.
View full review »
John Fulater
Security Engineering at a financial services firm with 10,001+ employees
There's a new feature that validates standards. It allows the checks and balances against it, so it doesn't even go forward. It just says, "You're not right. Do it again."
View full review »
ITSecuri46f3
IT Security Professional at a pharma/biotech company with 10,001+ employees
Our company has a grid, and there are different blocks of public domains and internal domains. It checks all that on our security grid. That has been customized by our administrator.
View full review »
Security4691
Security Engineer at a manufacturing company with 10,001+ employees
We use this solution to automatically check if a change request will violate any security policy rules. Every change request has to go through a security approval step, but we also leverage the Unified Security Policy to automate some of that decision-making.
View full review »
Marko Martin
Technical Team Lead at Paragon
Inside of Tufin, we plan to leverage the USB in solutions.
View full review »
SrAdvisof832
Senior Adviser Cyber Security at a comms service provider with 10,001+ employees
In the future, we will use the solution to check if a change request will violate any security policy rules.
View full review »
Managerfac3
Manager at a manufacturing company with 10,001+ employees
We use Tufin to automatically check if a change request will violate any security policy rules. One of the things we want to do is to have a blacklist/whitelist policy. A blacklist of things that can never be allowed and a whitelist of things which are always allowed. I want this tool to block or report ports that should not be used, putting somebody in a change. In addition to that, I want it to be able to block people from mapping IP addresses in North Korea, Iran, or whatever is on the blacklist.
View full review »
NetworkS2260
Network/Security Engineer at a leisure / travel company with 51-200 employees
The solution will automatically check if a change request will violate any security policy rules. We have an auditing staff using this feature within Tufin. If we have an open rule, it will send us an alert and we can see why this alert has been sent and take action on it.
View full review »
Mohd Majmi Mohamad
Regional OSH at Pos Malaysia Berhad
Tufin was able to automatically check if a change request would violate any security policy rules. During our PoC I tested it by trying to do unauthorized changes and Tufin met our requirements.
View full review »
ITManage3885
IT Manager at a financial services firm with 10,001+ employees
Not right now, but we are planning to. We have that on our roadmap.
View full review »
HugoSanchez
Security Analyst at Equifax Inc.
We don't have this issue in our company.
View full review »
Shaun Slatton
Automation Engineer at Cox Communications
Yes. We have four workflows currently in SecureChange, and for two of these workflows, the very first thing that we do in response to a policy request is to evaluate it. We check to see if the new policy is needed or not, and we determine how to proceed from there.
View full review »
David Higgins
Senior IT Analyst at Exelon Corporation
No, we don't use this functionality.
View full review »
John_Ford
Managing Director at Midpoint Technology
Securitya49e
Security Engineer at a government with 10,001+ employees
Not right now.
View full review »
Ed Aguila
Senior Network Engineer at a pharma/biotech company with 10,001+ employees
Currently, no, we don't use that at the moment. We're moving in that direction.
View full review »
Ben Stern
Service Engineer at G2 Deployment Advisors
All of the customers I have worked with who have the SecureChange product use the change request violation risk analysis in the workflows. It is usually the third step of every workflow that I configure. For example, we have an energy customer that has a different team of people which deals with a given workflow if it has risks. They have Tufin set up to automatically run the risk reports and, in the next step, if the risk is considered low, it goes to one team; if it's considered medium, it goes to a different team. That really allows them to move their changes along without too much human intervention or too much delay... Every single one of our SecureChange customers has seen significant improvement in the time it takes to make a change.
View full review »
Jeffrey Belanger
Security Consultant at a insurance company with 10,001+ employees
We do not use USP, yet.
View full review »
Infrastra69d
Infrastructure Analyst at a manufacturing company with 10,001+ employees
We have tested the system to see if it will automatically check to see if a change request will violate any security policy rules, and it will do what we need. We intend to use this feature in production.
View full review »
InfoSecC1266
InfoSec Consultant at a insurance company with 10,001+ employees
We do not yet use this solution to automatically check if a change request will violate any security policy rules.
View full review »
Jim Robinson
Senior Specialist at Cigna
We use this solution to automatically check to see if change requests will violate any security policy rules, but I do not have any specific details or examples.
View full review »
William Temple
CyberSecurity Supervisor at a energy/utilities company with 10,001+ employees
Every single request that comes through, Tufin checks and does a risk assessment against our USP, the Unified Security Policy.
View full review »
Robert Letson
Director at Visa Inc.
We use the Unified Security Policy to automatically check if a change request will violate any security policy rules.
View full review »
NetworkEccd3
Network Engineer Lead at a energy/utilities company with 10,001+ employees
We use this solution to automatically check if a change request will violate any security policy rules. Even though we've been using the product for several years, we've just now started rolling out SecureChange, updating our USPs, and building USPs. We are using those to do security checks.
This solution helped us meet our compliance mandates. With the USPs, we can control what is being put in, then we know when violations are occurring ahead of time.
View full review »
TeamLeadc1d6
Team Lead of Border Protection at a manufacturing company with 1,001-5,000 employees
Risk analysis is automatically in our policy.
View full review »
Tom Loeber
Services Engineer at AccessIT Group
We use this solution to automatically check if a change request will violate any security policy rules. E.g., we will not be allowing SSH to the Internet. That is one change request where we can be like, "Put that right on top of the policy."
View full review »
NetworkS2695
Network Security Operations at a insurance company with 10,001+ employees
We use the solution to automatically check if a change request will violate any security policy rules. If a request comes in, and it is from an Internet zone going straight out to an inside secure zone, then we definitely flag it. There are other policies that we find in our USP, which we flag. These are the type of things that we check.
View full review »
Christian Myers
Consultant at Critical Design Analytics
Most customers will go through and check the USP to see if it violated with the designer tool.
View full review »
NetworkEng4365
Senior Network Engineer at a financial services firm with 10,001+ employees
We use the solution to automatically check if a change request would violate any security policies or rules. Our cyber team is on it as well. We comb through all the changes done for that rule and verify. Before we do a push, we verify that there was no compromise to our security posture.
View full review »
Sign Up with Email