Tripwire is very much household name within the cybersecurity community. It’s been around from the early days of creating intrusion detection software that would later be known as File Integrity Monitoring (FIM) all the way through to deploying a portfolio of products that focuses on SCM, Vulnerability Management, Asset Management, Industrial Cybersecurity and much more! During this time, one thing has stayed the same – the culture that has been created at this wonderful organization by an amazing group of people. One example of how that culture has been acknowledged is the journey that John Wertz has taken from using Tripwire three weeks into his cybersecurity career to becoming a cybersecurity engineer at Tripwire. Here is John’s story.
Joe Pettit: Tell me how you got into cyber security.
John Wertz: What brought me to cyber security was when I was in college when I did an internship with Time Warner Cable. I graduated, and they reached out to me about an open position they had in cybersecurity. I went there, and it was an engineering job managing their Tripwire environment.
JP: So that was your first experience with Tripwire. How did you find that? What were your initial thoughts?
JW: As an entry-level candidate, I started training with a really great fellow who had managed the console for several years. About two, three weeks into my time there, he was diagnosed with cancer and had to take a leave of absence. So, my experience was very hands-on and self-taught. They essentially put me in front of the product. I just had to read a lot of the user manuals and material out there that Tripwire did provide to train myself how to use the product not just as a checkbox tool but as an actual security tool.
JP: Were there enough resources around from Tripwire to give you a good understanding of the product to help you fast track your learning and use the product the way you wanted?
JW: The support and the knowledge out there were so helpful and so easy to use. It helped me learn that product very quickly, keep my job and advance my career. It was amazing.
JP: You just mentioned that you had that initial experience with Tripwire and that you learned on the job as you went. How has that knowledge of Tripwire helped you throughout your career?
JW: It’s great that Tripwire has been my career. Initially, I was an engineer, so it helped me secure my environments and really protect them from any potential intrusions. But then right after that, I moved into a compliance role. It immediately was touching on all these controls and audit findings that I had to alleviate. I then knew, “Hey, I already know what tool to use and how to do it.” And it was Tripwire.
We had to have a Tripwire unification project where all three different companies combined their own Tripwire instances. It just showed the importance of the product to the organization. And then, having that on my resume—Tripwire Enterprise, Tripwire IP360—my next step was actually with EY Consulting implementing Tripwire solutions into a NERC CIP program. It was really that Tripwire knowledge that got me in the door and into that job.
My next step was joining the team that I’d been waiting to join for about five years: Tripwire.
JP: Great. When did it come to you that you wanted to work for Tripwire? How did that all come about, and how did you end up actually coming to work for Tripwire?
JW: So, it came about pretty early working with support and staff. I very quickly built lots of friendships including with the professional service guys I would occasionally reach out to some of the friendships I had made and say,” Hey, what do y’all got going on? Is there any kind of position?” Eventually, Randy Esser reached out to me and was like, “Hey man, you got this great gig. I think it would fit you.” And because I kept in contact, we worked closely together with Tripwire when he did a professional services engagement, and the rest was history.
JP: Yeah. Having that initial career to now being a Tripwire put you in good stead when you’re working with customers. Are there certain experiences and that you’ve gained from that initial part of your career that would set you apart from other people at Tripwire?
JW: I absolutely do. And I think I’ve used that over the last couple of weeks. There’s been a customer who came to support with an issue. To him, it was an urgent issue. He added his SE to the email thread. I understand that support was getting to him, but I also understand that support’s busy. So, I took the chance and opportunity to reach out to the customer myself and use some of the skills that the support used with me. I got the pass along to our customer, saved support a little bit of headache and helped out a customer while maintaining that Tripwire culture that I’ve come to know by working with Tripwire.
JP: That’s a great answer, and it’s amazing to have that experience to be able to pass on. People might not know about Tripwire and maybe are not familiar with the product range. There are so many different products now. What do people not know about Tripwire?
JW: One, I think it’s the ability to automate and integrate with other tools. It’s definitely a differentiator out there for us in the market.
I think the type of data we’re able to gather with is also important. There’s no competitor in the market that pulls content from files and things like that. That’s a Tripwire Enterprise staple.
I really like how our vulnerability management tool works and how it’s scaled. I think that our proprietary scoring system is a big part of the future because I think that is going to be a constant hurdle, which is prioritizing risks. We offer a really great way of doing it. And it’s numeric, so it’s priceless.
Four, people know us for Tripwire Enterprise, but they don’t know about some of our cooler and newer products that are coming out. So, there is Tripwire Connect and our OT products. We’ve really put a lot of work into a reporting and analytics platform that you can now bring all your Tripwire data into one place.
Last but not least, I don’t think customers really know about the support and kind of the content and knowledge that the company provides. I would say Tripwire is one of the best out there. Culture-wise, content-wise, knowledge-wise and personnel-wise, I don’t think there’s really anything better out there.
JP: Good points. I had a couple of things to follow up on that. You spoke about integrations, and from a lot of the things I read or when I talk to people, one of the points that always comes up is consolidation of vendors. What are the benefits to working with Tripwire and focusing on the integration side of things? Is there a couple that you can highlight?
JW: If you look at our product portfolio itself, we cover a lot of the main domains of IT security. You could use Tripwire as one vendor to cover all your security needs and to create a security program. In terms of specific integrations with other vendors, there’s unique ones, and there’s ones that are kind of put together like Legos, cause it’s kind of prebuilt.
JP: I think one of the biggest issues aside from different vendors and integrations is the perceived skills gap. I know Tripwire has ExpertOps, so it’d be to talk a little bit about your experience of Expert Ops. What it is? Is there a skills gap?
JW: I know ExpertOps, and it’s a great tool. It allows Tripwire to offer you all the Tripwire services, but we actually manage the service in house, handle your reporting and take a lot of that overhead and that skills gap that you might have away.
There’s a major skills gap out there not just for a Tripwire admin but for security professionals across the board. I’ve seen it firsthand where I get calls pretty frequently on LinkedIn about Tripwire jobs out there. Which tells me that there’s lots of other people who are getting hit up for Tripwire jobs, and that knowledge and experience with the product isn’t as vast as you would think when you’re working at Tripwire or are managing it for five straight years.
So, I think being able to pass that overhead off to Tripwire is priceless. I think it’s going to always make your environment better enhanced and more efficient. I think it’s going to take out a lot of user error, and then it’s going to also allow the current staff you have to focus on more important jobs and tasks instead of learning Tripwire Enterprise or Tripwire IP360.
JP: That makes sense. I think that’s a really good point. So slightly away from Tripwire, if you could make any cyber security issue disappear forever, what would it be?
JW: The human? No, I’m just kidding. If I could, I would say to eradicate something, it would be the lack of training that companies provide their end users.
JP: Is there anything with Tripwire that’s coming up that you’re aware of?
JW: So, there’s two things that popped into my head. Soon we will have an Expert Ops offering for the federal space. Then, there will be customized reporting available in Tripwire Connect.
JP: Tell me a little bit more about that. What do you mean by the customized reporting?
JW: Well, Tripwire Connect right now comes with a strict set of reports. We’re selling customers a central view to look at everything, but we’re still only providing them templates to report with. So, we’re still keeping them in a box. By being able to customize the reports, do certain queries against the data, they’re going to be able to create a report that’s better suited for their auditor or whatever they’re used to for their executives.
JP: That sounds really exciting, John. I’m sure out customers are going to love that new feature.