NIST 800-53 Compliance for FISMA

NIST 800-53 Compliance: Tripwire’s Solution for Continuous Monitoring and Risk Management of Federal Information Systems

Special publications from NIST provide guidance to federal agencies around FISMA compliance. NIST SP 800-53 provides guidelines on security controls required for federal information systems. NIST SP 800-37 was recently released to help achieve near real-time risk management through continuous monitoring of the controls defined in NIST 800-53. NIST 800-137 was also released to provide additional guidance that will require automation to extend reporting and monitoring enterprise-wide.


Tripwire delivers continuous and automated monitoring of NIST 800-53 security controls to help government agencies identify and prioritize assets, identify risk threshold, determine monitoring frequency and report to authorizing officials.

Tripwire’s solution for NIST 800-53/FISMA compliance:

  • Implements security controls and assesses configurations against NIST 800-53 policy requirements
  • Provides automated remediation or remediation guidance of misconfigurations across heterogeneous IT infrastructure
  • Continuously monitors IT configurations and detects high-risk changes with prioritized, actionable real-time alerts
  • Demonstrates, through real-time dashboards and automated reports, current, historical and trending compliance
  • Extracts actionable information from servers, networks and systems to provide forensic analysis and on-demand, auditable proof
Practical Guide to Continuous Monitoring

Watch the Practical Guide to Continuous Monitoring, Video Series

Watch the 4 part Video Series with Tripwire Lead Systems Engineer, Steve Johnston, CISSP

Watch Now


FISMA Resources

    • Infosecurity Europe 2012 Wrap Up
      Infosec expert and ‘cynic’ Javvad Malik summarizes the most important aspects of Infosecurity Europe 2012. Some of the top trends and key takeaways: risk management and the rising role of the CISO....
    • Communicating the value of Information Security – Part 3
      In part 2 of this series, I talked about getting to know the "language" of your particular business. This week, I want to talk about how to leverage Enterprise Architects, if they are available. They can be...
    • The Growing Pains of the New CISO
      Recently we had an opportunity to interview Phil Cracknell (@PCracknell on Twitter) during Infosecurity Europe. Infosec expert and ‘cynic’ Javvad Malik asks Mr. Cracknell, Global Security and...

To read more blog posts, visit the State of Security Blog.

To browse more, visit the company news section.

Resource Library

Resource Library

Read, watch or listen to valuable information about Tripwire solutions, customer success stories, IT security and compliance best practices, and more.

Resource Library