Secure Monitoring
Safety as a fundamental pillar of monitoring
Security has always been present and we can affirm that Pandora FMS can be adapted to meet demanding security standards such as PCI/DSS or ISO 27001.
Complete monitoring requires access to all elements of the IT infrastructure
This is a very important aspect to take into account when implementing a monitoring system.
%
Believes the risk of being a victim of cybercrime is increasing
%
Are concerned that their private data is not protected by suppliers
%
Are concerned about their private data being misused
%
Are concerned that their data is not kept secure in their environments
Source: *EU commission Special Eurobarometer: Europeans attitudes towards Internet Security, March 2019
You can read more information about computer security in our blog →
Security monitoring
If you are looking to monitor the security of your systems, we can help you. Pandora FMS, in addition to monitoring security infrastructure, uses the data sources and software agents installed on your servers and workstations for much more.
What can we offer you?
Because the roots of Pandora FMS arise from specific needs in a banking security environment, an efficient and quality design and architecture has been marked.

24/7 direct international support
At the other side of the phone, you will find an experienced technician from our engineering team, who will also have the backup of the rest of the team in charge of Pandora FMS, from the development team to the sales team that manages your account.

Safe environment implementation guide
We have a little implementation guide for safe environments. Of course we also offer consulting advanced services to help you if necessary.

Vulnerability history
We keep a register of Pandora FMS public reported vulnerabilities updated. Furthermore, we have a public security breach management policy that allows any security investigator to report failures in order for us to fix them and notify our clients before those become public and can be taken advantage of by third parties.

Code audit
The whole code is public and accessible in the OpenSource version, not recently, but since 2005. The code of the Enterprise version can be requested under specific circumstances (only for clients) so that you may audit it if you consider it necessary. We have done it for different clients in national and aerospace security.
Security and compliance functionalities
Null
Auditing, Monitoring and Detection
Access Security and Authentication
Data Protection and Encryption
Systems Management and Control
Infrastructure and Network
High Availability and Backup
Security and compliance functionalities
Auditing, Monitoring and Detection
Internal audit system
Records all actions performed by users on the platform, including changes, accesses, deletions and configuration alterations. This detailed history makes it possible to detect anomalous behavior, perform complete audits and provide traceability in the event of security or compliance incidents.
Related standards:
- COBIT MEA03.02 (Security Monitoring)
- GDPR Art. 30 (Logging of activities)
- HIPAA 164.312(b) (Audit)
- ISO 27001 A.12.4.1 (Event logging)
- NIS2 Art. 23 (Incident logging and reporting)
- PCI DSS 10.2 (Audit of all actions)
Transfer of audit data to external log management systems
Internal activity logs can be exported to external log management systems for retention, analysis or correlation with other sources. This reinforces the integrity of the system and enables independent auditing.
Related standards:
- COBIT DSS05.07 (Security Monitoring Management)
- HIPAA 164.312(b) (Audit)
- ISO 27001 A.12.4.3 (Protection of records)
- NIS2 Art. 23 (Incident logging and reporting)
- PCI DSS 10.5 (Log security)
Monitoring
Pandora FMS advanced functionality that contributes to the control, visibility or protection of monitored systems. Its implementation helps to comply with cybersecurity regulations by improving traceability, detection, or mitigation of threats.
Related standards:
- COBIT MEA01.01 (Continuous Security Monitoring)
- HIPAA 164.312(b) (Audit of activity logs)
- ISO 27001 A.12.1.1 (Control of operations)
- NIS2 Art. 21 (Detection and Response Capability)
- PCI DSS 10.6 (Log and event review)
File Integrity Monitoring (FIM)
Pandora FMS advanced functionality that allows detecting unauthorized changes in critical system files. It is key to ensure the integrity of configurations, binaries and sensitive files, offering alerts in case of suspicious modifications.
Related standards:
- COBIT DSS05.07 (Detection of unauthorized modifications)
- ISO 27001 A.12.4.1 (Event Logging)
- PCI DSS 11.5 (Monitoring of changes to critical files)
Vulnerability Detection
Advanced functionality that performs periodic scans to identify outdated software, insecure configurations or components with known CVEs. Facilitates the implementation of preventive measures and reduces the exposure surface.
Related standards:
- COBIT DSS05.06 (Vulnerability testing and management)
- ISO 27001 A.12.6.1 (Technical Vulnerability Management)
- NIS2 Art. 21 (Vulnerability management)
- PCI DSS 11.2 (Vulnerability scanning)
SIEM Functionalities
Pandora FMS advanced functionality designed to collect, correlate and visualize security events. It allows detecting anomalous patterns and incidents by means of predefined or customized rules.
Related standards:
- COBIT MEA03.01 (Continuous monitoring and security analysis)
- ISO 27001 A.16.1.7 (Collection of evidence)
- PCI DSS 10.2–10.6 (Log Correlation, Retention and Review)
Behavioral Analysis (UBA/UEBA)
Advanced functionality that analyzes user and entity behavior patterns, detecting unusual activities that could indicate security incidents or improper access.
Related standards:
- COBIT DSS05.07 (Behavioral Monitoring)
- ISO 27001 A.12.4.1 (Event logging)
- NIS2 Art. 21 (Anomaly detection)
Detection of external malware or IOCs
Advanced functionality that allows you to integrate external sources of indicators of compromise (IOCs) and analyze signals of infection or malicious activity on monitored systems.
Related standards:
- COBIT DSS05.05 (Protection against malicious code)
- ISO 27001 A.12.2.1 (Controls against malware)
- NIS2 Art. 21 (Protection against threats)
- PCI DSS 5.1 (Malware Detection)
Long-term log retention support
Functionality that allows storing and protecting activity logs for long periods of time, meeting regulatory requirements for retaining security evidence.
Related standards:
- COBIT MEA03.01 (Preservation of evidence)
- ISO 27001 A.12.4.3 (Protection of logs)
- NIS2 Art. 23 (Incident Recording and Analysis)
- PCI DSS 10.7 (Retention of logs 1 year)
Supervision of integrations with third parties (APIs, external databases)
Functionality that allows monitoring and auditing connections with external providers, APIs and databases, ensuring their correct operation and compliance with service agreements.
Related standards:
- COBIT APO10.04 (Monitoring of relationships with third parties)
- GDPR Art. 28 (Data Processors)
- ISO 27001 A.15.2.1 (Monitoring of third-party services)
Access Security and Authentication
Double authentication system
Incorporates a second verification factor based on Google Authenticator. This enforces access to the web console and can be required for all users through security policies, making unauthorized access difficult even if primary credentials are compromised.
Related standards:
- COBIT DSS05.03 (Authentication Management)
- GDPR Art. 32 (Security of processing)
- HIPAA 164.308(a)(5) (Access security)
- ISO 27001 A.9.4.2 (Secure access controls)
- NIS2 Art. 21 (Access Controls)
- PCI DSS 8.3 (Multi-factor authentication)
Delegated authentication system
Allows users to authenticate using corporate directories such as LDAP, Active Directory or federated services via SAML. This centralizes identity control and integrates access with corporate security policies.
Related standards:
- COBIT BAI08.01 (User and access management)
- HIPAA 164.308(a)(5) (Access Security)
- ISO 27001 A.9.2.1 (User Identity Management)
- NIS2 Art. 21 (Access controls)
- PCI DSS 8.1.2 (Assignment of unique IDs)
ACLs and user profiling
Define granular permissions through access control lists and profiles that apply to individual users or groups. This allows limiting visibility and modification of specific assets, while respecting the principle of least privilege.
Related standards:
- COBIT DSS05.02 (Assignment of privileges)
- GDPR Art. 25 (Privacy by design)
- ISO 27001 A.9.1.2 (Role-based access)
- PCI DSS 7.1 (Access restrictions)
Password Policy
The platform allows you to configure strict policies on the length, complexity, expiration, reuse and renewal of passwords. These measures reduce the risk of improper access through the use of weak or compromised credentials.
Related standards:
- COBIT DSS05.03 (Authentication Controls)
- HIPAA 164.308(a)(5) (Access Security)
- ISO 27001 A.9.4.3 (Use of secure passwords)
- NIS2 Art. 21 (Access controls)
- PCI DSS 8.2.3 (Password complexity requirements)
Credential containers
Users can use securely stored credentials without directly accessing their contents. This allows monitoring tasks to be performed without exposing sensitive information to technical personnel.
Related standards:
- COBIT DSS05.02 (Separation of Duties)
- ISO 27001 A.9.3.1 (Use of secure credentials)
- PCI DSS 8.7 (Non-disclosure of passwords)
Access control by IP or geolocation
Advanced functionality that allows restricting access to the platform or certain assets according to IP ranges or geographic location, reinforcing access security policies.
Related standards:
- COBIT DSS05.03 (Strong Authentication)
- ISO 27001 A.9.4.4 (Access restrictions)
- NIS2 Art. 21 (Access controls)
SSL/TLS certificate management
Functionality to manage the complete lifecycle of SSL/TLS certificates used in monitored systems, ensuring secure communications and compliance with cryptographic standards.
Related standards:
- COBIT DSS05.04 (Cryptographic Management)
- ISO 27001 A.10.1.2 (Key management)
- PCI DSS 4.1 (Use of secure protocols)
Data Protection and Encryption
Encryption of sensitive data
Pandora FMS encrypts critical information such as access credentials and custom configuration fields, ensuring that this data is not readable even if the system is compromised. Certificates issued by a CA can be used to validate the encryption.
Related standards:
- COBIT DSS05.04 (Data Protection)
- GDPR Art. 32 (Encryption of personal data)
- HIPAA 164.312(e)(2)(ii) (Encrypted transmission)
- ISO 27001 A.10.1.1 (Cryptography)
- NIS2 Art. 21 (Data protection)
- PCI DSS 3.4 (Protection of stored data)
Secure agent communication architecture
Agents do not expose ports or accept incoming connections. They actively connect to the server, reducing the attack surface and enabling end-to-end encryption.
Related standards:
- COBIT DSS05.04 (Network Security)
- ISO 27001 A.13.2.1 (Secure transfer policies)
- PCI DSS 4.1 (Encryption of communications)
Installation without root
Pandora FMS can be installed in environments without root permissions, adapting to security policies that restrict elevated privileges even during installation.
Related standards:
- COBIT DSS05.02 (Access Privileges Control)
- ISO 27001 A.12.1.2 (Principle of least privilege)
Physical separation of components
Allows the various components of the system (data, console, files) to be located on separate servers, even on different networks. This improves isolation and enables differentiated perimeter security controls to be applied.
Related standards:
- COBIT DSS05.01 (Secure Infrastructure Design)
- ISO 27001 A.11.1.3 (Physical zoning)
- PCI DSS 9.1 (Physical access restriction)
Systems Management and Control
Asset management with customizable attributes (risk, owner, etc.)
Functionality that allows creating and maintaining a detailed inventory of assets, assigning attributes such as owner, criticality and risk level, improving traceability and compliance in audits.
Related standards:
- COBIT APO03.01 (IT Asset Portfolio Management)
- GDPR Art. 30 (Recording of processing activities)
- HIPAA 164.310(d)(1) (Hardware and software management)
- ISO 27001 A.8.1.1 (Asset inventory)
- ISO 27001 A.8.1.2 (Asset ownership)
- ISO 27001 A.8.2.1 (Classification of information)
- NIS2 Art. 21 (Network asset management)
- PCI DSS 2.4 (Inventory of components in the CDE environment)
Configuration change control
Functionality that allows to register and supervise any alteration in the configuration of monitored systems, facilitating the quick identification of unauthorized or undue changes.
Related standards:
- COBIT BAI06.01 (Change Control)
- ISO 27001 A.12.1.2 (Change management)
- PCI DSS 6.4 (Change tracking)
Patch Management
Functionality that allows managing the identification, validation and application of security patches in monitored systems, ensuring their update against known vulnerabilities.
Related standards:
- COBIT DSS05.06 (Patch Management)
- ISO 27001 A.12.6.1 (Management of technical vulnerabilities)
- NIS2 Art. 21 (Technical update measures)
- PCI DSS 6.2 (Security patching)
Segmentation of environments / multiple tenancy
Advanced functionality that allows the creation of independent environments within the same monitored infrastructure, reinforcing the isolation of critical data and systems.
Related standards:
- COBIT DSS01.01 (Separation of environments)
- ISO 27001 A.13.1.3 (Separation of networks)
- NIS2 Art. 21 (Isolation of critical systems)
System integrity (binary checksum / own filesystem)
Functionality that automatically verifies the integrity of binaries and system files through checksums, detecting tampering or corruption.
Related standards:
- COBIT DSS05.07 (Monitoring of unauthorized changes)
- ISO 27001 A.12.2.1 (Integrity controls)
- PCI DSS 11.5 (Integrity monitoring)
Infrastructure and Network
Secure traffic through encryption and certificates
All communications within Pandora FMS use encrypted protocols such as SSL/TLS, protecting the information in transit between agents, servers and consoles. The use of digital certificates at both ends guarantees the authenticity of the nodes involved.
Related standards:
- COBIT DSS05.04 (Encrypt sensitive data in transit)
- GDPR Art. 32 (Security of processing)
- HIPAA 164.312(e)(2)(ii) (Encrypted transmission)
- ISO 27001 A.10.1.1 (Cryptographic controls)
- NIS2 Art. 21 (Data protection)
- PCI DSS 4.1 (Encryption in data transmissions)
Agent locking system
Prevents an agent from being remotely reconfigured or modified once deployed, a useful feature in highly regulated or isolated environments.
Related standards:
- COBIT DSS05.05 (Controlling access to critical systems)
- ISO 27001 A.13.1.1 (Network security)
Firewalls and port control
All ports used by the components are documented and can be customized, allowing their secure management through firewalls or intrusion detection systems.
Related standards:
- COBIT DSS05.04 (Network Security Management)
- ISO 27001 A.13.1.1 (Network controls)
- PCI DSS 1.2 (Network traffic restriction)
High Availability and Backup
Total High Availability
Includes HA mechanisms for all components: database, servers, console and agents. This guarantees the continuity of the monitoring service even in the event of critical failures or scheduled maintenance.
Related standards:
- COBIT DSS01.04 (Continuity Management)
- HIPAA 164.308(a)(7) (Contingency and Recovery)
- ISO 27001 A.17.1.2 (Availability of information services)
- NIS2 Art. 21 (Continuity of service)
Integrated backup
The console includes a tool to perform complete backups of the system and its configuration. This facilitates recovery from disasters, human error or hardware failure.
Related standards:
- COBIT DSS04.07 (Backup Management)
- HIPAA 164.308(a)(7) (Contingency and Recovery)
- ISO 27001 A.12.3.1 (Information backup)
- NIS2 Art. 21 (Continuity of service)
- PCI DSS 9.5 (Backup protection)
Monitoring of restricted areas
It is capable of collecting information from networks without direct access to the outside by means of agents operating in disconnected mode or highly controlled environments.
Related standards:
- COBIT DSS01.05 (Critical Operations Monitoring)
- HIPAA 164.312(b) (Auditing activity logs)
- ISO 27001 A.12.1.1 (Operational procedures)
- NIS2 Art. 21 (Detection and response capability)
Hardening check
Advanced functionality focused on verifying that systems comply with secure configuration guidelines. Identifies deviations from defined standards and enables automatic compliance reporting.
Related standards:
- COBIT DSS05.02 (Secure Configuration of Systems)
- ISO 27001 A.14.2.5 (Principles of secure engineering)
- PCI DSS 2.2 (Secure System Configurations)
Integration with automatic response tools (SOAR)
Functionality that allows integrating Pandora FMS with SOAR solutions for automating responses to security incidents, reducing reaction times.
Related standards:
- COBIT DSS02.03 (Response Automation)
- ISO 27001 A.16.1.5 (Incident response)
- NIS2 Art. 21 (Rapid threat response)
Pandora FMS Certifications
Pandora FMS -as a company- is certified in ISO/IEC 27001:2013 (ES-SI-0084/2020) and in the National Security Scheme (ENS) in its basic category.
Beyond limits, beyond expectations