Tripwire IP360 and NopSec Unified VRM

Intelligent Cybersecurity Automation from Detection to Response

The Challenges:
  • Too Much Data
  • Manual Processes
  • Workforce Shortage

With threats proliferating at an unprecedented rate, organizations and their IT security teams are facing multiple challenges:

  • Managing the large volumes of data and alerts that they receive and the difficulty of extracting actionable intelligence from their data to fix the right things at the right time
  • The manual process of remediation leads up to an average of 203 days from detection to remediation of vulnerabilities— delays that unquestionably result in increased risks 
  • The severe shortage of talent in cybersecurity, on top of siloed security practices between existing teams of Security, IT and DevOps

So how do companies and their teams make their workflow more effective and efficient, make sense of their vulnerability data, get an accurate measurement and priority of risk, and test the effectiveness of their mitigating controls, despite the shortage of time, people, and other resources? Through the unique integration of Tripwire® IP360™ and NopSec Unified VRM.

FIG 1. With Tripwire IP360, NopSec Unified VRM correlates 30+ unique threat intelligence feeds, along with the CVSS score and business value of the asset. NopSec Unified VRM re-assesses your vulnerability risk, forecasts the probability of exploitation and delivers a prioritized list of vulnerabilities.

How The Solution Works

Tripwire IP360 is a vulnerability management solution that provides complete network visibility including inventory of networked devices, applications and vulnerabilities.

NopSec Unified VRM is a cloud based platform that helps IT teams manage threats, reduce risks and stay compliant by automatically ingesting vulnerability data from Tripwire IP360 and using machine learning to process and prioritize remediation efforts.

The Tripwire IP360 and NopSec Unified VRM integration delivers customers the following critical advantages:

  • The most accurate and complete vulnerability data from Tripwire IP360, using over 118,000 checks from the Tripwire Vulnerability and Exposure Research Team (VERT)
  • Your most critical data delivered to NopSec Unified VRM for the most complete vulnerability management remediation and analytics insights

By intelligently automating your vulnerability management, you can accelerate your vulnerability prioritization process up to 40%, reduce your organization’s risks by up to 65%, achieve compliance 2x faster and remediate vulnerabilities up to 10x faster.


About The NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches. The company’s flagship SaaS product, Unified VRM, utilizes passive analysis, active exploitation and contextual enrichment that enables security teams to visually forecast threat risk, and dramatically reduce the time to remediation of critical security vulnerabilities across infrastructure and applications. NopSec has been recently named to Info Security Products Guide’s 2017 Global Excellence Awards List in Vulnerability Assessment, Remediation and Management. NopSec is based in New York, NY. For more information, visit www.nopsec. com/ or follow on Twitter @nopsec.


About Tripwire

Tripwire discovers every asset on an organization’s network and delivers high fidelity visibility and deep intelligence about those endpoints. When combined with business context, this valuable information enables immediate detection of breach activity and identifies other changes that can impact security risk.

Tripwire solutions also deliver actionable reports and alerts and enable the integration of valuable endpoint intelligence into operational systems, such as change management databases, ticketing systems, patch management and security solutions including SIEMS, malware detection, and risk and analytics.

These integrations are part of our Technology Alliance Program and they ensure our customers have robust, accurate information to make their organizations more cyber-secure.