Prioritize Vulnerabilities, Manage Your Risk
Improve security efficacy by combining business context with vulnerability intelligence.
Identify the risks you need to act on.
Business ContextManage security risk by associating business context that is unique to your environment. Protect and focus on what's important: your most critical IT assets and higher security risks.
Security AutomationFocus on critical actions for investigation. Get the current view of devices and software and vulnerabilities coverage, and prioritize critical risks. Stay in control while protecting against the latest threats.
Enterprise IntegrationShare intelligence and business context with other systems. Improve threat response and automate processes. When you find the bad stuff, we?ll automate, filter and integrate it with your systems.
Tripwire Vulnerability and Risk Management Solutions: Prioritize Your Vulnerability RisksDownload
Tripwire Vulnerability Management
Our proactive vulnerability management solutions discover comprehensive endpoint and network intelligence and apply advanced analytics to prioritize vulnerabilities. Know your greatest risks so security teams can make the quick decisions.
Feature & Benefits
Our vulnerability management solutions leverage physical, virtual and optional cloud-based deployment options for maximum flexibility and fast time to value.
Share intelligence and business context with existing IT systems to improve threat response, maximize security coverage, and minimize operational disruption.
Vulnerability Management & Assessment FAQs
What Is Vulnerability Assessment (VA)?
Vulnerability Assessment is the process of scanning networked devices and discovering vulnerabilities before hackers can exploit them. Tripwire IP360 performs vulnerability assessment as part of the Vulnerability Management lifecycle.
What Is Vulnerability Management (VM)?
Vulnerability Management is a closed-loop workflow that generally includes identifying networked devices, auditing (scanning) the devices for vulnerabilities, and remediating the vulnerabilities. Tripwire IP360 is the world’s leading vulnerability management system in use at some of the world's largest organizations.
How Is This Different From Penetration Testing (Pen Testing)?
Pen testing is a manual security assessment of a network that utilizes vulnerability assessment tools and others to determine network weaknesses. Tripwire partners utilize Tripwire IP360 when conducting penetration tests with their clients.
How Important Is Current Vulnerability Coverage?
Up-to-date vulnerability coverage is critical, especially as the window between vulnerability discovery and the release of an exploit is narrows to zero in some cases. Tripwire’s Vulnerability and Exposure Research Team (VERT) produces coverage on the latest vulnerabilities and Tripwire IP360 automatically updates itself as the coverage is released.
What Are Critical Features Or Capabilities?
Critical features in a vulnerability management solution include:
- Scalability – can the solution grow beyond a single department to scan my entire network in a timely fashion?
- Integration – does the solution integrated with existing enterprise systems such as ticket systems and IDS/IPS?
- Accuracy and comprehensiveness – does the solution accurately identify networked systems and the vulnerabilities on these systems?
- Modular – can you start small and grow the system to fit your network?
How Should I Decide Between Using A Managed Service Or On-Premise Solution?
If you desire control over your vulnerability data and integration of the vulnerability data with other systems on your network, an on-premise solution is best for you. If you prefer to outsource your security, a managed service may be an appropriate solution. Tripwire IP360 is the world’s leading on-premise vulnerability management system, and Tripwire partners utilize IP360 to deliver vulnerability management as a service.
How Do I Get Started With Vulnerability Assessments?
Tripwire makes it easy to get started with auditing your network for vulnerabilities. TripwireIP360’s appliance-based architecture enables you to start small and grow as your network grows.
Are There Important Metrics I Should Be Tracking In Vulnerability Management?
Yes. In order to continually improve your security risk posture, you must measure it using common metrics and compare it to past measurements. Useful vulnerability management metrics include:
- Vulnerability score by operating system, application, or organization division – this metric provides a high level measurement of how the organization is doing, cut across several dimensions.
- Most vulnerable applications, with a breakdown into vulnerability score by application version – this metric helps highlight old, vulnerable versions of software that should be upgraded or eliminated.
- Assets scanned within the last “X” days – this metric shows how much of the network is being scanned in a timely fashion.
- Unowned devices and unapproved applications – this metric is very useful to track “unowned” devices that may be rogue devices or simply contractor/consultant systems, as well as the trend of applications that are not specifically allowed on the network.