We have many customers who originally have bought Tripwire to comply with a PCI audit. However, we have found that when our Professional Services team engages with their team they usually uncover additional value from our solutions that takes the use of our solutions beyond compliance and into the security domain.
- Industry: Retail
- Region: USA
- Business Problem: Need to pass a PCI audit
- Solution & Benefit: Passed PCI compliance and provided visibility into suspicious change events to the security team
The initial objective of this large retailer in the United States was to meet PCI compliance. Our Professional Services team set up critical change audit rules for their extensive environment. While they were doing some rule tuning, they found out that one of the DLLs that was in scope for the change audit rules was showing up on the frequently changed elements report — something that didn’t fit right with our experts.
Finding it very suspicious in nature, they turned on the real-time monitoring and starting to receive email alerts. They discovered that the DLL was changing several times a day at irregular times and outside the change windows. That specific DLL existed in all of the domain controllers, but in this one server it had a different size and a different hash. This information was very useful to pass on to their security team, who investigated it as a potencial security incident.
If you’re interested in finding out more how we’ve helped other customers achieve PCI compliance and provided security value, you can read our in-depth case studies. We also offer a variety of PCI DSS compliance and security resources available for you. hope you enjoy this series — as usual, I welcome your feedback.
You can find other customer success stories in this video series:
- From PCI to Real-Time Security (Financial Services in EMEA)
Tunnel image courtesy of Shutterstock.