Fortunately, many of the requirements for achieving the controls specified in ITIL can be fulfilled using existing tools. For example, for ITIL’s Security Management Planning sub-process to “ensure the proper implementation of specified security measures,” Tripwire Enterprise’s change auditing features can provide assistance by verifying individual monitored devices configurations against pre-defined goals, such as capturing access controls on a new server’s file system to confirm they align with any expected security hardening.

Read full article on Tripwire – The State of Security