Security and Compliance in Federal Agencies: 3 Tripwire Use Cases

Tripwire understands the security demands faced by federal government agencies. Security decision makers at these agencies aren’t only tasked with securing operations in a complex threat landscape—they also have to prove regulatory compliance at the same time.

Tripwire Federal Government Use Cases

#1: Ensuring compliance and minimizing risk

#2: Automating manual tasks and enhancing breach detection

#3: Monitoring critical assets in the public cloud

Several stakeholders at a wide range of government agencies rely on Tripwire for industry-leading security and compliance:

  • Department of Defense (U.S. Army, Air Force, Navy, Marine Corps and Coast Guard)
  • Federal system integrators
  • Federal departments and independent agencies
  • Components of the congressional and judicial branches

In this case study, we’ll explore how three U.S. federal government agencies leverage Tripwire to overcome their challenges in FISMA compliance, breach detection, and security in the cloud.

Use Case #1: Ensuring Compliance & Minimizing Risk

U.S. Federal Agency

Customer Since 2014

Solutions: Tripwire Enterprise, Tripwire Log Center, Tripwire IP360

Federal agencies must establish and maintain regulatory compliance in order to keep their systems hardened against threats and pass audits. With the most comprehensive library of policy tests for all major standards like DISA STIG, NSA, FISMA and CIS, Tripwire bakes in foundational controls to align with all government security or compliance frameworks.

Challenges

A Tripwire customer since 2014, this agency needed to fulfill a compliance requirement for File Integrity Monitoring (FIM), or System Integrity Monitoring (SIM), after having recently failed an audit. It had a large footprint of assets associated with virtualization. To make matters more complex, these assets included NetApp, EMC and VMware as opposed to the more commonly found Windows and Linux OSes. Lastly, it also struggled with inaccurate reporting due to the use of legacy vulnerability and compliance tools.

Solution

The agency implemented Tripwire Enterprise with Tripwire IP360 and Tripwire Log Center for system integrity monitoring and change validation, accurately identifying assets and vulnerabilities, and for creating workflows that supported its information system security officer’s audit review requirements for changes and logs. The agency installed Tripwire’s entire solution suite on multiple classified and unclassified networks as well as its DMZ.

Outcome

Integrating these Tripwire solutions proved extremely valuable for this federal agency. With the help of Tripwire, it was able to scan the infrastructure in its virtualized environments and monitor for high-risk vulnerabilities, including the agency’s uncommon assets. As a result, it was able to meet its specific compliance objective (FISMA SI-7) and even closed 95 percent of its audit findings.

Use Case #2: Task Automation & Early Breach Detection

Independent U.S. Federal Agency

Customer Since 2015

Solution: Tripwire Log Center

Automating security tasks keeps systems continually updated and reduces the risk of human error while making more efficient use of agency time and resources. Tripwire solutions readily interact with other solutions, providing valuable asset information to a wide range of security and operations tools for enhanced overall performance and reduced total cost of ownership.

Challenges

This independent U.S. federal agency deployed Splunk Enterprise Security to monitor and defend against malicious activities across its large, global environment. However, an influx of data related to security events began to impact the timely identification and resolution of threats. This also led to an increase in the cost and complexity of managing its SIEM. It needed a solution to prescreen information, remove extraneous alerts and maximize the effectiveness of its current solution while improving the quality and speed of threat detection.

Solution

Tripwire Log Center was deployed to make its existing security measures more efficient and cost-effective, reducing workload and revenue use while enabling real-time intelligence and enhancing early breach detection. With Tripwire Log Center, this agency is also able to filter out non-verified event-related data and identify anomalies or patterns known to be threats or early indicators of breaches.

Results

With Tripwire, this agency’s security team lowered the volume of data requiring analysis by 80 percent. With more actionable, relevant data, the team was able to set advanced rules and spend more time addressing validated alerts. As a result, it also expects to save millions in overhead costs.

Use Case #3: Monitoring Critical Assets in the Government Cloud

Major U.S. Defense Program

Customer Since 2008

Solution: Tripwire Enterprise

Federal agencies face a unique set of challenges in the cloud because of programs like FedRAMP designed to ensure cloud security. Tripwire’s solution suite scales across all types of federal environments, be they on-premise, virtual, hybrid, or in a private or public cloud.

Challenges

This major U.S. defense program was preparing to transition to the Amazon Web Services (AWS) Cloud and needed a solution that could alert it to IT and mission changes during and after the tedious process.

Solution

Tripwire Enterprise was deployed for file systems, databases, network devices, ESX, desktops and directory services. With the help of Tripwire Enterprise, this major defense program was able to baseline its system state and quickly identify authorized and unauthorized change.

Results

In Tripwire Enterprise, this defense program found a solution that effectively communicates critical details about when system changes occur and by whom to further facilitate detection and remediation. With over 400 policy and platform combinations for regulations, standards and security frameworks, this U.S. defense program can remain confident in its compliance even when policies are in flux.

Achieve Outstanding Infrastructure Security with Tripwire

Tripwire delivers the security and compliance solutions that give you a substantial advantage in today’s complex cyber threat landscape. Learn more about protecting your data from cyber attacks by scheduling a quick Tripwire demo today.