Get Safe and Compliant
Keeping your organization safe and compliant is challenging and complex. Security is more effective when you have documented baselines for a system’s configuration, usually in the form of a security policy. These policies specify recommended or required system configurations, including applications, ports, services, and security basics. But ask yourself: How can I validate that my systems are configured according to my security policy? Can I automate that process? Can I provide justification for my established policy? Can I easily manage my policy, especially as it applies to assets and groups of assets? This reconciliation process poses a significant challenge that often involves lots of time, resources, manual checks, cross-system comparisons, and approval processes.
The Solution: Tripwire State Analyzer
How Does Tripwire State Analyzer Help You?
With Tripwire State Analyzer, you manage your policies centrally and get reports on approval, as well as unauthorized system settings of multiple types. In addition, you can automatically include the justification for a given setting in the same report to speed up the auditing process.
Tripwire State Analyzer enables you to define a set of required or permitted system settings. When a system is examined, a comprehensive report of authorized and unauthorized settings is generated along with the justification information. This report enumerates the settings that are out of compliance, and can be configured to provide justification for why the change was allowed. This provides an automatic audit trail of changes and justifications, as well as unauthorized changes as they happen. Tripwire State Analyzer saves time and increases accuracy for both business and audit driven compliance policies.
Tripwire delivers continuous and unmatched PCI compliance by our unique integration of policy management, file integrity monitoring (FIM), vulnerability assessment and log intelligence. Tripwire State Analyzer specifically addresses PCI 3.2.1 Requirement 1.1.6, which relates to the documentation and business justification for use of all services, protocols, and allowed ports.
NERC CIP Requirements
The application also lends its power— alongside Tripwire Enterprise, Tripwire IP360 and Tripwire LogCenter®—to help you address the requirements contained in these NERC CIPv6 standards:
- CIP-007 R1: Ports and Services — The app can monitor ports and services and compare current state against a tailored set of customer-specific approved port and services, alerting when monitoring detects a variance.
- CIP-007 R2: Security Patch Management — The app can identify software versions and installed patches and compare current state against a tailored set of Patch Management customer-specific approved software versions and patches, alerting when there is a variance on specific BCAs.
- CIP-010 R1: Configuration Change Management — The app can identify and authorize application software/ versions, custom sw, logical network accessible ports, and security patches.
The Center for Internet Security’s CIS Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks.
Tripwire State Analyzer is a powerful tool to address the following:
- Control 2: Inventory and Control of Software Assets
- Control 4: Secure Configuration of Enterprise Assets and Software
- Control 5: Account Management
- Control 6: Access Control Management
- Control 13: Network Monitoring and Defense
- Control 16: Application Software Security
Save Time with Customized Detailed Reports
Tripwire State Analyzer increases automation and efficiency and can be customized for each unique enterprise, enabling you to save time and resources:
- Automate the validation of detected system configurations
- Generate detailed system configuration reports of authorized and unauthorized configurations
- Increase audit preparation efficiency