Tripwire Boosts Cybercrime Detection Capabilities, Focuses on Techniques, Tactics and Procedures
Tripwire Enterprise leverages MITRE framework, strengthens defense against cybercrime behavior
PORTLAND, Ore. – November 08, 2017 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced enhanced capabilities for preventing and detecting cybercrime. With a new set of advanced cybercrime controls that leverage MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework, Tripwire® Enterprise now offers hundreds of new tests for hardening against and detecting activities associated with cybercrime behavior.
MITRE’s ATT&CK is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s life cycle and the platforms they are known to target. By breaking down an attack into ten tactic categories, each with its own set of techniques, ATT&CK is able to map out each attack chain. Tripwire Enterprise, the company’s flagship secure configuration management suite, has been enhanced to identify the techniques, tactics and procedures (TTPs) outlined in MITRE’s ATT&CK model.
“By building upon our own breach detection rules, with hundreds of new tests that we developed based on the MITRE ATT&CK framework, we’ve boosted Tripwire Enterprise’s ability to detect and protect against behaviors associated with cybercrime,” said Tim Erlin, vice president of product management and strategy at Tripwire. “Organizations can build better preventative measures and be in position to identify a breach sooner by focusing on the behaviors of cyberattackers, instead of just on the specific tools or malware they use.”
In the event that Tripwire Enterprise detects a change associated with cybercrime, it helps incident responders act more swiftly by providing details not only of what changed, but also what the value should be and why a cyberattacker would have made that change. In addition, Tripwire Enterprise automatically collects key attack data, reducing the need to manually collect it across disparate endpoints.
“Tripwire maintains the most comprehensive library of security and compliance coverage,” Erlin added. “We’re constantly enhancing our solutions with new content like this latest set of advanced cybercrime controls so that our customers can take advantage of the broadest set of policies, frameworks and best practices in an effort to maintain strong foundational security controls, from hardening to detection.”
The new advanced cybercrime controls are now available for Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016 systems. Support for additional operating systems will be released soon.
For more information or for updates on new releases, please contact Tripwire at: https://www.tripwire.com/contact.
Tripwire is the trusted leader for establishing a strong cybersecurity foundation. Partnering with Fortune 500 enterprises, industrial organizations and government agencies, Tripwire protects the integrity of mission-critical systems spanning physical, virtual, cloud and DevOps environments. Tripwire’s award-winning portfolio delivers top critical security controls, including asset discovery, secure configuration management, vulnerability management and log management. As the pioneers of file integrity monitoring (FIM), Tripwire’s expertise is built on a 20+ year history of innovation helping organizations discover, minimize and monitor their attack surfaces.