Meeting FISMA SI-7 with Tripwire Integrity Monitoring

Tripwire provides the capabilities to achieve and maintain compliance with one of the toughest FISMA standards - monitoring for unauthorized change.


An often overlooked fundamental controls is the ability to detect changes in your environment and determine if they are good or bad. This is clearly required as part of the NIST 800-53 standard, System Information and Integrity (SI) 7: Organizations must employ automated and centrally managed integrity verification tools to detect unauthorized change. And they must incorporate these changes into an incident response process.

SI-7 is one of the most challenging NIST requirements and often contributes to audit failures. This is because it requires continuous monitoring, coupled with the ability to reconcile each change to determine whether it is authorized or not.

One of Tripwire's core strengths has always been its integrity monitoring and reconciliation capabilities, that provide:

  • Real-time or scan-based change detection
  • What was the change, who made it and when
  • Multiple reconciliation options to differentiate good from bad change
  • Integration with change ticketing systems to provide an integrated change management process

Complete the form to the right to learn more about the SI-7 requirements and how Tripwire can help you meet this demanding standard.