The Tripwire Competitive Difference
Our solutions help customers find issues before they cause real security problems. With Tripwire VIA solutions, you know the state of your IT configurations and files, when that state isn’t right—leaving your infrastructure exposed—and how to fix it. And you know all of that immediately, at the speed of change. Here’s how:
True FIM Based on an Intelligent Change Architecture
To know what changed, you have to know what you started with. Tripwire takes a snapshot of your IT infrastructure to baseline your configurations, files and file attributes. It then detects all changes as they happen, capturing details that answer: Who changed it? What changed? Was it authorized? Does it cause non-compliance? This lets you answer the critical question: Should we change it back? We even let you specify rules and conditional actions that highlight the changes that need your attention. And since it works across the entire IT infrastructure, not just a subset of it, you have a true end-to-end enterprise solution.
Ability to Capture Changes of Interest
Tripwire FIM captures change across the enterprise infrastructure, and then analyzes and filters them to produce “changes of interest,” not just the constant hum of “noise” produced by bulk or business-as-usual changes. With changes of interest automatically identified, you immediately know if a change causes a configuration policy failure, change policy failure, or a change authorization failure. That means you can fix it before a hacker has the chance to gain a foothold in your IT environment.
Continuous Configuration State
For most IT security professionals, hardening configurations and keeping them that way is the most critical security action they can take. But you can’t do that if you don’t know immediately when a hardened configuration setting becomes non-compliant—or at risk—due to a change. With Tripwire, you know what changed, when it changed, why it changed. Immediately, not after the next mega-configuration scan, which might be weeks or even months away. Available automated remediation even lets you quickly fix non-compliant settings to return the configuration to a hardened state.
Tripwire VIA Security Alerts
All SIEM solutions can capture security events of interest, but only the Tripwire VIA platform can combine changes of interest generated by Tripwire Enterprise’s true FIM with security events of interest from Tripwire Log Center—or nearly any other SIEM. With Tripwire VIA, you can generate security alerts when these critical data sources combine to indicate a security threat or vulnerability is present. That reduces noise from both security controls and increases the value of your security solution.