Skip to content ↓ Skip to navigation ↓

Security Configuration Management

Enable security & manage risk


Security configuration management goes by many different names—configuration assessment, policy management, configuration auditing and system hardening are a few. Whatever it’s called, its goals are rooted in this definition from NIST:

"The management and control of configurations for an information system with the goal of enabling security & managing risk"
National Institute of Science and Technology SP 800-128

SCM is one of the most effective and cost-effective security controls you can implement, and it’s foundational to many regulatory standards and security frameworks. Tripwire Enterprise provides SCM so you can measureably reduce your infrastructure’s attack surface while improving your security posture.