---

Policy-Based Filtering

Tripwire Enterprise uses security standards like CIS and prescriptive policies like PCI to serve as the lens for determining the criticality of detected changes. This means that changes that don’t negatively impact compliance — a server password changing from one compliant format to a different, still-compliant format &mash; can be auto-promoted, while changes that impact compliance can be instantly flagged for manual review.

Change Management System Integration

TThe highest-performing IT shops adhere to strict change control processes, often using change and configuration management systems (CCM) to automate and enforce change processes. Tripwire Enterprise’s ChangeIQ integrates with the leading CCM providers to review each change, determine if it was authorized, and then act accordingly.

Change Type Filters

ChangeIQ capabilities in Tripwire Enterprise allow users to automate responses to certain categories of changes. For example, the appearance of a new DLL file type could represent a much greater security threat than one that has undergone even a major modification, and can therefore be treated differently if desired.

Customizable, Granular Severities

Tripwire Enterprise provides severity scores for changes to different file types. Users can now tailor responses to different types of change: a change to text content, for instance, can be auto-promoted, but permission changes on the same file can be flagged for in-depth analysis.

Reconcile Express

Information from change management systems or even manual processes — like changes listed in a simple text file or in a spreadsheet — can serve as the source data with which Reconcile Express automates change reconciliation.