Tripwire Continues Market Lead in Compliance Policy Development for the Data Center

Portland, OR - Apr 7, 2009 - Tripwire® today announced its continuing leadership in delivering customers a growing library of policy content and compliance assessments designed to help IT organizations enforce security and achieve and maintain continuous compliance across the enterprise. This content, contained within Tripwire Enterprise, the company’s flagship product for configuration audit and control, is part of a strategic initiative that began July, 2007 to continually develop new and updated assessments that support policy and risk management.


Currently, Tripwire Enterprise includes configuration assessments for 27 platforms, 147 policies (based on 45 compliance sources), 37 Center for Internet Security (CIS)-certified benchmarks, and more than 20,000 published tests. New and updated policies are continually in development and added to the growing list of available library content in Tripwire. Among the platforms are versions of Windows, Cisco, Oracle, HP, AIX, SuSE, Solaris, VMware, i5/OS, DB2, SQL Server, Microsoft IIS and Exchange, and Red Hat. Policies are applicable for both physical and virtual environments.

Along with updates to critical policies that have recently been revised or are under review, such as the Payment Card Industry (PCI) version 1.2 and the North American Electric Reliability Corporation (NERC) policy, Tripwire is aggressively developing policies for additional industry segments. New or upcoming policies include the more comprehensive Health Insurance Portability and Accountability Act (HIPAA), designed to secure and protect patient information in the health industry, and the Gramm-Leach-Bliley Act (GLBA) policy that governs financial organizations.

"Since embarking on this strategic policy initiative, Tripwire has dedicated an entire team to develop depth and breadth of security assessments and reporting capabilities that help IT organizations manage compliance and reduce risk," said Sean Sherman, Senior Compliance Architect. "By continuing to stay abreast of policy updates, and offering configuration assessments as quickly as possible, our customers are not only able to harden their IT systems, but also achieve and maintain continuous compliance, thereby moving forward in process maturity and improved service delivery."

These policy assessments benefit IT through operational compliance, and adherence to enterprise policies, processes, and standards; compliance to regulatory and security standards; increased operational efficiency; reduced risk; and the ability to dedicate more resources to strategic business initiatives. In addition, Tripwire Enterprise includes Tripwire Remediation Advisor, a step by step process to help IT managers solve configuration issues flagged as suspicious or non-compliant.

Tripwire plans ongoing delivery of new products, services, added functionality, and partnerships to deliver on its strategy. Since Tripwire began offering compliance assessments, over 40,000 policies have been downloaded by customers. For more information, visit