Tripwire Enterprise Remediation Manager

Successful IT compliance requires IT Security and Compliance teams to adopt a known IT security standard and continually check the organization’s compliance status against it. It also requires IT Operations to efficiently— and with low impact on availability—fix deviations from that standard. Unfortunately, these teams aren’t always in synch.

Operations focuses primarily on keeping systems and services available, while Security and Compliance focus on keeping IT configurations secure, ready, and able to pass internal and external audits. When security and compliance teams detect configuration errors that introduce risk or noncompliance, they need to work with operations to remediate the issue. This process can be intricate, time consuming and costly, and often results in delayed response or lost remediation requests.

Tripwire Enterprise’s Remediation Manager changes all that, with a work order based system that lets users from each IT team seamlessly communicate across organizational boundaries and automatically remediate most security and compliance configuration errors. Remediation Manager provides a timesaving, cost effective means of correcting hundreds of seemingly mundane, yet important configuration errors to keep systems secure, compliant and audit ready.

How Does Remediation Manager Work?

Remediation Manager is an add on module for Tripwire Enterprise that uses work orders, role based workflow features and automated scripts to ensure that configuration errors get fixed quickly, while simultaneously tracking duties and sign offs across various remediation activities. Users can launch Remediation Manager directly from their custom Tripwire Enterprise home page to review all current remediation work orders at a glance.

When Tripwire Enterprise’s Policy Manager detects a failed configuration test, an IT Security or Compliance team member can easily create a work order and assign roles. This role based system ensures that the right individuals approve, deny, defer or execute the work orders tracked by Remediation Manager.

Once the work order has been created, the person assigned the remediator role can execute remediation scripts to repair configurations. Work order status can be tracked in real time through the user interface, color coded status indicators, and a remediation report. With Remediation Manager, IT can rapidly put systems into a policy aligned, compliant state—whether in pre-deployment or production settings—and ensure remediation requests are addressed in a timely manner and never get lost.

Remediation Manager Fits Modern Security strategies

Prevent - Detect - Correct is an established strategy that defines the worldview of modern IT security. With Remediation Manager, Tripwire Enterprise adds the critical “Correct” component to its already robust capabilities. It’s the ideal solution for IT security teams, letting them:

  • Prevent exploits and breaches by using Policy Manager to assess the security posture of almost every configuration and identify settings that introduce risk and noncompliance.
  • Detect with File Integrity Manager by monitoring almost any asset in the IT infrastructure to detect even minute and seemingly insignificant changes that weaken security or indicate an attack in progress.
  • Correct with Remediation Manager by automating repair and management of configuration errors identified by the Policy Manager