Tripwire, the leading global provider of foundational security controls, delivers a comprehensive suite of security and vulnerability management solutions that provides “system state intelligence” that better mitigates security risks and helps distinguish real threats from false positives. Tripwire’s System State Intelligence helps focus Security and IT Operations’ efforts and saves the time formerly spent investigating false positives, while enabling the ability to determine exactly what happened. That means you can respond appropriately to minimize any damage and protect your business.

Tripwire delivers the industry’s most robust set of critical security controls: Security Configuration Management, Vulnerability Management, Log Management, and File Integrity Monitoring for the extended enterprise. Tripwire’s leading technology, which is Common Event Format (CEF) certified, provides the foundational controls required to detect leading indicators of a breach, proactively protect the enterprise by reducing the attack surface, and makes security visible, measureable and actionable by connecting security to the business through reports that are aligned with an organization’s views of structure, risk, and priority, and then creating knowledge— information that’s actionable.

Tripwire is trusted by over 7,000 customers in 96 countries, including 50% of the Fortune 500.  We help the CISO, and the Information Security and IT Operation teams, solve many pressing business issues including (1) achieving and maintaining regulatory compliance demands, (2) gaining visibility and control of everything running on the network, (3) reducing the attack surface, (4) achieving control of all unauthorized change, and (5) communicating the value of security to the business using business-oriented metrics that the business understands.

Security Configuration Management is the end-to-end process that continually assures the integrity of security configurations and the information they protect. It connects your IT configurations to the initiatives and measures that matter to your business, continually protects information systems, and detects the issues and deviations that increase risk.

HOW SCM WITH TRIPWIRE ENTERPRISE WORKS

Tripwire Enterprise provides end-toend SCM with a complete spectrum of preventive, detective and corrective controls. It prevents breaches by hardening configurations, detects the changes that cause configurations to move out of their hardened state, and then corrects thosechanges—whether accidental or malicious—using automated remediation.

PREVENT:

POLICY MANAGER HARDENS CONFIGURATIONS AGAINST INDUSTRY SECURITY BENCHMARKS

Tripwire Enterprise immediately reduces the attack surface of your  IT infrastructure. By hardening configurations with security benchmarks established by trusted industry sources,  attacks are prevented from becoming breaches. For example, Policy Manager in Tripwire Enterprise lets you align  configurations with benchmarks established by the Payment Card Industry Data Security Standard (PCI), the Center  for Internet Security (CIS) and NIST. You  can also easily customize built-in policies to reflect your own security needs.

DETECT:

FILE INTEGRITY MANAGER DETECTS CHANGES THAT INTRODUCE RISK

A rock-solid SCM solution needs to do more than simply assess configurations against a security policy. It must also continuously monitor configurations for changes that compromise security. Tripwire Enterprise includes File Integrity Manager, the industryleading file integrity monitoring (FIM) solution that detects all changes in near real-time. It then uses ChangeIQ™ to determine if changes takes a configuration out of compliance and if they were accidental—or are evidence of an attack.

CORRECT:

REMEDIATION MANAGER RETURNS CONFIGURATIONS TO A SECURE STATE

Inevitably, a configuration will drift out of a secure state. Obviously, the more time it’s in that non-secure state, the more time hackers have to intrude. With Remediation Manager in Tripwire Enterprise, you can automate the process of returning configurations to their secure state. That reduces the time your systems are exposed and vulnerable. And in the small chance a breach does occur, potential damage is minimized by reducing the time before’s it’s detected.

TRIPWIRE IP360

VULNERABILITY & RISK MANAGEMENT

Tripwire IP360, the world's leading vulnerability and risk management solution, has enabled thousands of enterprises and government agencies to cost-effectively measure and manage their security risk. Using agentless technology, Tripwire IP360 has set the industry standard for depth and breadth of discovery and coverage. It comprehensively profiles all networked devices and includes coverage for over 83,000 conditions (operating systems, applications, vulnerabilities, and configurations), providing the ideal foundation for assessing every system on the network. Tripwire IP360’s agentless architecture is designed for rapid deployment and ease of management across large, globally-distributed networks.

VULNERABILITY AND RISK MANAGEMENT SOLUTION DELIVERS:

• Comprehensive, agentless discovery and profiling of all network assets for over 83,000 conditions
• Enterprise scalability, ease of deployment and operational effectiveness
• Integrated web application scanning to identify security risk in web applications
• Flexible reporting across all levels of the enterprise