Tripwire and RedSeal

 Report and Model Vulnerability Risk through Network Context

Large, complex networks require the implementation and management of thousands of access rules in routers, firewalls and other network infrastructure—across thousands of endpoints. This combination of rules, endpoints and the vulnerabilities the endpoints may exhibit make risk management a complicated practice in any enterprise. Manually determining which devices and rules are responsible for unwanted access can be difficult and time consuming, if even possible. Unwanted open access paths that expose vulnerabilities can leave organizations open to attack and allow an intruder to gain access to critical data systems.

To increase operational efficiency and reduce risk, Tripwire and RedSeal have partnered to provide comprehensive management of threat and vulnerability risk by unifying vulnerability information with the topological and access context of assets in the network.

RedSeal provides continuous monitoring of the predefined access paths within corporate and government network environments. It gathers configuration of all networks devices including firewalls, routers and load balancers to build a virtual model of an entire enterprise network by analyzing how the rules on these devices work together to protect business assets. RedSeal can also validate access configurations against governmental and industry-driven compliance regulations, as well as internally defined security policies.

RedSeal’s integration with the Tripwire IP360 vulnerability management solution ensures uniform visibility, defense and ongoing management of an organization’s entire threat and vulnerability exposure. The combination of Tripwire IP360 and RedSeal allows end-users to visualize their network topology, check network device configurations for best practice violations, validate end-to-end access routes, import vulnerability scan data to prioritize remediation efforts based on network access context and continuously monitor and track changes to ensure ongoing compliance.

How Does it Work?

  • Scan: Tripwire IP360 conducts comprehensive vulnerability scans of the environment. The RedSeal platform collects and analyzes access control data from firewalls, routers, and other infrastructure.
  • Import: RedSeal imports the vulnerability scan results from Tripwire IP360 and correlates them to known assets.
  • Report: RedSeal provides adjusted risk scoring for vulnerabilities based on how accessible they are within the environment.
  • Model: Users can model how changes to network access control may affect vulnerability risk exposure in the environment.
Joint Tripwire and RedSeal customers receive:
  • Contextualized Reporting: Vulnerability Risk reporting that includes network threat context.
  • Comprehensive Analytics: Combined Vulnerability and Threat Analytics.
  • Impact Awareness: Change modeling to determine how access control changes will affect vulnerability risk exposure.