Tripwire Boosts Cybercrime Detection Capabilities, Focuses on Techniques, Tactics and Procedures
Tripwire Enterprise leverages MITRE framework, strengthens defense against cybercrime behavior
PORTLAND, Ore. – November 08, 2017 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced enhanced capabilities for preventing and detecting cybercrime. With a new set of advanced cybercrime controls that leverage MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework, Tripwire® Enterprise now offers hundreds of new tests for hardening against and detecting activities associated with cybercrime behavior.
MITRE’s ATT&CK is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s life cycle and the platforms they are known to target. By breaking down an attack into ten tactic categories – each with its own set of techniques – ATT&CK can map out each attack chain. Tripwire Enterprise, the company’s flagship secure configuration management suite, has been enhanced to identify the techniques, tactics and procedures (TTPs) outlined in MITRE’s ATT&CK model.
“By building upon our own breach detection rules, with hundreds of new tests that we developed based on the MITRE ATT&CK framework, we’ve boosted Tripwire Enterprise’s ability to detect and protect against behaviors associated with cybercrime,” said Tim Erlin, vice president of product management and strategy at Tripwire. “Organizations can build better preventative measures and be in position to identify a breach sooner by focusing on the behaviors of cyberattackers, instead of just on the specific tools or malware they use.”
In the event that Tripwire Enterprise detects a change associated with cybercrime, it helps incident responders act more swiftly by providing details not only of what changed, but also what the value should be and why a cyberattacker would have made that change. In addition, Tripwire Enterprise automatically collects key attack data, reducing the need to manually collect it across disparate endpoints.
“Tripwire maintains the most comprehensive library of security and compliance coverage,” Erlin added. “We’re constantly enhancing our solutions with new content like this latest set of advanced cybercrime controls so that our customers can take advantage of the broadest set of policies, frameworks and best practices in an effort to maintain strong foundational security controls, from hardening to detection.”
The new advanced cybercrime controls are now available for Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016 systems. Support for additional operating systems will be released soon.
For more information or for updates on new releases, please contact Tripwire at: https://www.tripwire.com/contact.
Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at tripwire.com/blog or follow us on Twitter @TripwireInc.