Tripwire Announces a New Solution for Level Three and Four PCI Retailers: Tripwire Express for PCI

New York, NY - Jan 12, 2009 - It's never easy to be in the retail business – but today, retailers face challenges they've never seen before. These include compliance requirements. Tripwire, already the preferred PCI compliance solution for the majority of the Top 100 retailers, today announced an enhanced file integrity monitoring solution that enables smaller retailers to quickly achieve and maintain PCI compliance based on “pay as you grow” pricing. Tripwire Express for PCI lets retailers take advantage of Tripwire's industry-leading PCI compliance capabilities quickly without breaking the bank.

Compliance with PCI DSS is mandatory for retailers, no matter how many (or how few) payment card transactions they process each year or how many of their servers are in scope. Failure to comply with PCI results in stiff financial penalties, and the business consequences of a security breach are also steep. Retailers who want to stay alive in today's climate can afford neither of these outcomes. Tripwire Express for PCI comes just in time to meet the needs of retailers who need to secure customers' data while ensuring a healthy bottom line.

“Tripwire Express for PCI is great news for smaller retailers, especially as they seek to tighten their belts in an uncertain climate,” said Ed Rarick, PCI Evangelist for Tripwire. “This is a solution that helps retailers achieve and prove compliance, and provides the visibility they need into their IT environment, immediately.”

Section11.5 of the Payment Card Industry Data Security Standard requires retailers to deploy file integrity monitoring to alert personnel to unauthorized modifications to critical system files, configuration files or content files, performing critical file comparisons at least weekly – or more frequently if the process can be automated. Deploying and maintaining a file integrity monitoring solution has been cost prohibitive for all but the largest retailers, until now. Tripwire Express for PCI is designed for retailers who have a limited amount of infrastructure in-scope for PCI DSS compliance, and limited time, staff and funding to implement and maintain a file integrity monitoring solution. Tripwire Express for PCI is based on industry-leading technology, and backed by the company that invented file integrity monitoring.

Small retailers can get started for less than $2,000 with self-service implementation, and be audit- ready within two to three working days. Tripwire Express for PCI can also be installed on one server at a time, enabling retailers to “pay as they grow”. Tripwire provides rules to detect changes to the critical system, configuration or content files for a broad range of standard infrastructure and applications (as required by PCI DSS specification 11.5). In the event that customers need professional support, they can rely on a team of PCI-qualified specialists that can help onsite or remotely.

Tripwire Express for PCI joins a family of solutions designed specifically for businesses that must comply with the regulation, including PCI for Retail and PCI for Hospitality. Tripwire Express for PCI is the latest step in the company's commitment to delivering tailored solutions to help retailers meet their compliance needs.