Change detection systems can generate massive amounts of data. What sets Tripwire apart is its ability to add business context to the change data to make it intelligible and actionable.
File Integrity Monitoring Features
Tripwire File Integrity Manager has taken FIM far beyond basic change auditing. It not only collects highly detailed change data in real-time, it also adds change intelligence and automated remediation and then integrates this data with the other critical security controls provided by Tripwire solutions.
Reduce your Signal to Noise Ratio
Tripwire File Integrity Monitoring (FIM) has the unique, built-in capability to reduce noise by providing multiple ways of determining low-risk change from high-risk change as part of assessing, prioritizing and reconciling detected change. Auto-promoting countless business-as-usual changes reduce the noise so IT has more time to investigate changes that may truly impact security and introduce risk. Tripwire uses agents to continuously capture detailed who, what, and when details in real time, to ensure that you detect all change, capture details about each one, and use those details to determine the security risk or non-compliance.
Automated Change Detection Helps Organizations Keep Up With the Workload
File Integrity Manager uses automation to detect all changes and to remediate those that take a configuration out of policy. Integration with existing change ticketing systems like BMC Remedy, HP Service Center or Service Now allows for quick audit. This type of ticketing integration insures traceability and closes the loop. In addition, automated alerts trigger user-tailored responses when one or more specific changes reaches a severity threshold that one change alone wouldn't cause- for example, a minor content change accompanied by a permission change that was done outside change window hours.
File Integrity Management and Security Controls
Tripwire provides the ability to integrate File Integrity Manager with many of your security controls: security configuration management (SCM), log management and SIEM. Tripwire FIM adds components that tag and manage the data from these controls more intuitively and in ways that protect data better than before. For example, the Event Integration Framework (EIF) adds valuable change data from File Integrity Manager to Tripwire LogCenter or almost any other SIEM. With EIF and other foundational Tripwire security controls, you can easily and effectively manage the security of your IT infrastructure.
Now, instead of spending as many as 28 man-days over a year providing manual proof of change control, we simply review our Tripwire Enterprise implementation and show evidence of compliance across the infrastructure with Tripwire reports. As a result, we now spend about an hour per audit answering questions about our change processes.
That’s a reduction of nearly 90%!