NIST Cybersecurity Framework

NIST Cybersecurity Framework: access and security controls

Guidance on implementing authentication, authorisation, privileged access controls and enforcement of access restrictions under the NIST Cybersecurity Framework.

AD360

Centralises user provisioning, SSO and MFA to enforce authentication and access controls across directories.

View Product

WALLIX PAM

Centralises privileged credentials and enforces access policies for administrative accounts and sessions.

View Product

PAM360

Discovers and stores privileged credentials, controlling access and brokering sessions for administrators.

View Product

WALLIX One

Manages privileged accounts and enforces access policies across systems to support access governance.

View Product

Heimdal Privileged Account and Session Management

Controls privileged account access, brokers sessions and limits administrative rights across systems.

View Product

Heimdal Privileged Elevation and Delegation Management

Automates elevation and delegation to grant time-bound privileges while reducing standing administrative rights.

View Product

WALLIX Remote Access

Provides controlled remote access with authentication and authorisation to manage access to servers and devices.

View Product

Specops Password Policy

Enforces password composition and blocks banned or breached passwords for Active Directory accounts.

View Product

uniqkey

Stores and controls organisational credentials in an encrypted vault with centralised access management.

View Product

Specops uReset

Provides password self-service and secondary verification to validate identity and restore account access securely.

View Product

ADSelfService Plus

Provides password self-service and MFA to reduce support and strengthen authentication controls.

View Product

Adaxes

Automates AD administration and enforces policies for user accounts, groups and delegated roles.

View Product

Endpoint Central

Provides endpoint configuration and security controls including patching, hardening and remote enforcement.

View Product

NIST Cybersecurity Framework: Audit evidence and records

Map and retain logs, configuration snapshots and control reports to NIST Cybersecurity Framework functions to support audit trails and evidence requests.

NetWrix Auditor

Collects configuration and activity logs and stores tamper-evident records for audit and review.

View Product

ADAudit Plus

Records AD and Windows events with searchable trails and alerts to support audit and incident review.

View Product

M365 Manager Plus

Collects Microsoft 365 activity and configuration logs to produce audit reports and alerts for review.

View Product

WALLIX PAM

Records privileged sessions and administrative actions to produce auditable trails for investigations.

View Product

WALLIX One

Creates recorded session logs and change histories to provide evidence for privileged access audits.

View Product

PAM360

Automates session recording and password rotation while retaining logs for compliance and forensics.

View Product

Heimdal Privileged Elevation and Delegation Management

Logs elevation events and delegation changes to create auditable records of privileged operations and use.

View Product

Heimdal Privileged Account and Session Management

Records privileged activity and session recordings to produce auditable trails for review and investigation.

View Product

MOVEit

Provides secure, logged transfer trails and centralised audit records for compliance review.

View Product

MOVEit Cloud

Maintains transfer logs, user activity and reports to support audit and forensic review.

View Product

MOVEit Automation

Produces central logs and transfer histories to provide audit evidence for file workflows.

View Product

MOVEit Transfer

Records transfer activity and user access to create auditable trails for compliance and investigations.

View Product

Identity360

Aggregates identity and access events to correlate activity and produce logs for investigation and monitoring.

View Product

AD360

Captures authentication and provisioning events to provide consolidated logs for audits and investigations.

View Product

WALLIX Remote Access

Records remote sessions and user activity to produce logs suitable for audit and incident analysis.

View Product

NIST Cybersecurity Framework — data protection and handling

Aligns NIST CSF functions and controls with data classification, secure transfer, retention and controlled handling to address data protection requirements.

Netwrix Endpoint Protector

Enforces device and channel controls and logs data transfers to prevent unauthorised data exfiltration.

View Product

RecoveryManager Plus

Performs scheduled backups and enables point-in-time restore to recover directory and user data.

View Product

Netwrix Data Classification

Discovers and labels sensitive data across repositories to support handling and compliance controls.

View Product

MOVEit

Encrypts and controls file transfers while enforcing retention and access policies for data.

View Product

MOVEit Transfer

Enforces encryption, access controls and secure protocols to protect files in transit and rest.

View Product

MOVEit Automation

Automates encrypted file flows and enforces policy to protect data during system transfers.

View Product

MOVEit Cloud

Cloud-hosted transfers with encryption, access controls and retention to protect shared data.

View Product

NIST Cybersecurity Framework for governance and compliance

Map controls and accountability to the NIST Cybersecurity Framework to support oversight, policy enforcement and compliance reporting for UK IT estates.

CyberSmart

Provides policy management, monitoring and supporting evidence to help organisations show compliance.

View Product