Tripwire Debuts Point-of-Sale Threat Protection
PORTLAND, Ore. — November 12, 2015 — Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced
Tripwire POS Threat Protection, a set of threat detection and prevention capabilities designed specifically to defend against cyber attacks directed at point-of-sale (POS) devices.
A vast amount of consumer credit card data is stolen through sophisticated cyber attacks against POS equipment. Tripwire POS Threat Protection delivers 35 new policies and 55 new tests designed to detect specific POS security threats, including common weaknesses and exploitable configuration settings that are frequently used by cyber attackers to access POS devices and customer credit card data. The new policies detect and notify IT security teams when POS devices, servers and payment card network infrastructure experience specific changes that leave them susceptible to compromise.
Tripwire POS Threat Protection defends against a wide variety of brute force and malware attacks, including specific variants of RAM scraping malware. RAM scrapers are commonly used in POS cyberattacks, including:
- Alina and Trackr
“Retailers require both preventative and detective controls,” said Ken Westin, senior security analyst for Tripwire. “In order to mitigate the most sophisticated cyber attacks, retailers need to harden their environment as well as decrease the mean-time-to-resolution when there is an incident. Tripwire’s latest POS solutions are based on recommendations from industry leaders and actual attack data, a unique approach designed to solve both of these problems.”
Pressure on merchants to secure their POS environments continues to mount. According to Verizon’s 2015 Data Breach Investigations Report, attacks on POS systems continue to be the top source of confirmed data breaches, and a majority of breaches take weeks or months to be detected.
Tripwire POS Threat Protection is available with the most recent release of Tripwire® Enterprise. For more information, please visit: http://www.tripwire.com/products/tripwire-enterprise/.
Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at tripwire.com/blog or follow us on Twitter @TripwireInc.