Please pardon the lack of specific company names. Much of our work is performed under NDA, so while generals can be discussed, any information which could provide advantage to a competitor or expose weaknesses is obscured.
Unix security compliance detection using IBM Tivoli Endpoint Manager (aka Bigfix), State Government:
A state government desired to increase responsiveness and accuracy of system security scans, particularly on Linux and Unix servers. Script-based anomaly detection was rewritten to leverage the real-time scanning capacity of IBM Tivoli Endpoint Manager’s native Relevance Language. Over a period of months, over ninety percent of checks were rewritten in relevance, allowing for real-time detection of non-compliance — a vast improvement over the previous weekly and monthly scans.