Connect | PROTECT | Detect
As I mentioned in my last post, we recently launched a whole raft of new product versions and updates. But as my boss likes to say: This, and about three bucks, will get you a skinny tall latte. But not a grande.
Don’t get me wrong. I am one proud papa, and I think our new releases have some fantastic capabilities. But as software makers we tend to get caught up in features and lose sight of the big picture. The big picture is this: managing your IT security configurations is one of the most important things you can do, and we just made it easier,
On that first claim: Who says it’s all that important? Well, for one, Roger Grimes happened to say so in this timely post from last week, where he spelled out the three biggest mistakes a CISO can make:
#1: and #2 were “Buying vendor hype without testing” (fortunately Tripwire is a hype-free vendor) and “Focusing on the wrong priorities” (again, see my last post on how we fix this.)
But what really caught my eye was #3: “Not accounting for drift.” I’ll let Roger’s own words tell the story here:
“Consistency is the bane of hackers. Drift is how far off from the original configuration a computer or device has become. Less drift equals a lower security risk.” (Emphasis mine.)
I don’t think I’ve ever head a more succinct argument for security configuration management. (And hence the “drift” picture above.)
Roger goes on to add some great details though: “If I were ever a CSO again, I’d make most of my monthly metrics report about drift. How many end-user computers are running apps neither installed nor approved by IT? How many computers didn’t get fully patched this month? How many servers are no longer configured the way we originally configured them? How many IP addresses aren’t managed?”
On my second claim: how do we do this? The latest release of Tripwire Enterprise makes this more possible, more actionable, and more doable than ever by adding:
- Support for detecting and assessing “cloud drift”, including cloud policies like the ones from Cloud Security Alliance and FedRAMP
- Support for Red Hat Enterprise Virtualization (to go with our existing support for vmWare, Microsoft Hyper-V, and Solaris Zones
- and an all-new Health Check feature that makes it easier to manage more servers than ever (with less effort)
Go to our What’s New In Tripwire landing page to learn about the features behind these new capabilities.