Tripwire Professional Services is a team of certified Tripwire experts ready to assist in maximizing the value of your investment. From implementation to penetration testing, Tripwire’s robust service offerings help you with the gamut of your organization’s most complex and pressing cybersecurity concerns. Professional services enable maximum security, availability, operational efficiency and compliance of your business.
Implementation and Consulting Services
Tripwire’s provides implementation and consulting services to help you solve critical business problems. This includes product updates and hardware migrations, database health review and remediation, best practices consulting and process definition. A non exhaustive list of solutions we can help you with includes:
- Implements core Tripwire product(s) on a pilot group of assets
- Provides hands on knowledge transfer and mentoring
- Provides discovery and architecture oversight for the project goals
- Builds and manages the entire project with an assigned project manager
- Implements Tripwire product(s) in phases for all assets and environments in scope
- Implements automation and integration aspects of the solution(s)
- Provides hands on knowledge transfer and mentoring
- Creates run book best practices for associated client established roles
- Schedules return visits working jointly to ensure continual improvement and maturity
Consulting Service Upgrades
- Remote: Work via a secure network connection with a certified consultant to upgrade your solution then receive recommendations to maximize the ROI of your Tripwire solution.
- On-Site: Work with a certified consultant to ensure a smooth and timely upgrade. While on site, we’ll analyze usage and processes then make recommendations to help you gain quick time to value.
Tripwire Product Training Services
Tripwire offers courses designed to ensure that you reach or exceed your IT operations, security and compliance goals. We offer an in depth learning experience that fits your learning style and schedule. Training is currently available for the following products:
- Tripwire® Enterprise
- Tripwire IP360™
- Tripwire Log Center™
- Tripwire Configuration Compliance Manager (CCM)
- Tripwire Security Information Hub (SIH)
Training is offered in several delivery forms:
- Taught by live instructor in a professional facility
- One week duration
- Taught at a facility of your choosing
- Best for groups of 6–12 students
- One week duration
- Webex trainings with instructor interaction via voice and chat
- Exercises in cloud based virtual environments
- Personal mentoring and consulting
- Available in North America only
- Training materials download
- Access to virtual exercise environment
Datasheet: Training Services
Tripwire resident engineers serve as an expert level, dedicated on-site resource to manage your Tripwire solution. Our resident engineers are focused on ensuring that you get the most value out of your Tripwire investment as it relates to your business, security and compliance objectives.
- Certified Tripwire expert resource
- Provides overall design and architecture best practices guidance
- Provides implementation and maintenance duties
- Guidance and support through audits
- Staff enablement and runbook creation
- Supports any other Tripwire related needs
Datasheet: Resident Engineers
Datasheet: Resident Engineers for Federal Agencies
Change Process Controls Review and Automation
Tripwire was born out of the change management space. Our experts can provide guidance on best practices and the use of Tripwire solutions to manage and enforce change management policy.
- Change metric tracking
- Verification of adherence to change management processes
- Verification of complete and accurate change deployment
- Change management automation and integration with client Service Desk process
Best Practices Solution Review
We can conduct a thorough review of your Tripwire implementation to assess value and effectiveness against organizational objectives. This review is typically focused on monitoring strategy, reporting and alerting, automation and integration, and overall best practices as they relate to your business, security and compliance objectives.
- Monitoring strategy review against best practices and objectives
- What data is—and should be— available to incident and problem responders
- SIEM and correlation rule best practices and reporting
- Prioritizing vulnerability management and remediation
- Annual review of SCM and hardening policy standards
- Local vs. industry control frameworks (CIS, SOX, DISA, etc.)
- Enhanced logging tailored to client log vendor and workflow
SCM and Configuration Management
- Tripwire has the most out of the-box policies in the industry, but we can develop custom policies to match your unique needs.
- Creation of policies to match internal secure configuration standards » Modification of out of the-box industry standard policies to match environment
- Review and prioritization of configuration checks so remediation efforts can be focused
Automated Whitelist Profiling
Tripwire can validate that only approved items are present on groups of assets. Organizations can be alerted when an item is detected that isn’t part of the whitelisted, baseline configuration.
- Ports, services, applications, patches and users mapped
- Validation against local policy for approved/denied ports and services Products and Solutions Integrations We help you with integration across our portfolio and with other security ecosystem solutions to deliver a robust
Products and Solutions Integrations
We help you with integration across our portfolio and with other security ecosystem solutions to deliver a robus solution for both compliance and threat protection. Tripwire has robust and open APIs, allowing our services team to integrate seamlessly with many technologies. For more details, please visit our Technology Alliance Program partners page.
- Integration with ticketing systems for automated change reconciliation
- Integration with SIEM solutions for correlation and alert management
Integration with threat intel provides for malware detection
Patching Process and Automation
Tripwire can validate that relevant patches were applied successfully to all assets in the environment.
- Dynamic software reconciliation
- Automation and integration with BigFix, Puppet, Opsware, etc.
Penetration Testing and Security Program Assessments
Penetration tests—otherwise known as pen tests—are a type of ethical hacking used to regularly evaluate the security of a network. Our team of highly skilled cybersecurity experts utilizes a combination of tactical and strategic approaches to discover and exploit vulnerabilities in your IT systems through penetration testing and assessing your security program.
- Choose from basic or extensive, customized penetration testing
- Security program assessments with control review and recommendations
- Tool consolidation and overlap review
Industrial Cybersecurity Assessments
Tripwire’s skilled team of engineers identifies weaknesses and prioritizes them. We collect data from automated vulnerability scanners, proprietary tools and manual assessment efforts to create a normalized list of identified exposures.
- ICS experts perform the assessment
- Complete review of existing security program and controls
- Detailed and actionable recommendations document provided
Regulatory Compliance Services
Tripwire knows compliance. Let our team offer the best practices guidance you need in order to support your compliance objectives. Tripwire professional services works with the following compliance frameworks:
- NERC CIP