Here at Tripwire, we are proud to say we work closely with other security solution providers in order to deliver the best possible product to our customers. At this year’s RSA conference, we had the opportunity to present various sessions with some of our partners in the infosec community, including HP ArcSight, CORE Security, NetApp, Red Seal Networks, Lumeta and the Council on CyberSecurity.
Here is an overview of some of the presentations we hosted at our booth with the help of our partners:
Secure the Cloud with NetApp and Tripwire
NetApp’s CISSP and CTO, Lee Vorthman, joined us in showcasing some interesting facts and great tips on how to secure your cloud infrastructure.
This presentation began by emphasizing the rapidly increasing numbers of targeted attacks throughout the years, up 42% over the previous year. Surprisingly, 84% of compromises occur within just a few hours, and 70% of data exfiltration occurs in a similarly short period as well.
When do companies find out they are being breached? Two-thirds of compromises take months or longer to discover. Consequently, cyber incidents cost companies an average of $5.4 million per incident. Those numbers are alarming, right?
The good news is that NetApp and Tripwire can help close the gap and secure your data. With our service provider partnership, we offer flexibility, transparency and security:
- IaaS – scalable architectures for the cloud
- Real Time Monitoring – complete visibility into security status and configuration changes
- Integrated Data Protection – protecting against hackers
Here is a fun whiteboard visualizing the presentation, courtesy of artist Kelly Kingman who was on hand to illustrate the talks in real time as they took place:
Cyber Attack Prevention with Tripwire and RedSeal Networks
Sean Finn, global solutions architect at Red Seal Networks, provided insight on the timely topic of cyber attack prevention. First, Finn highlighted the fact that good analytic results require good input data. To achieve this, our solutions Tripwire Enterprise, Tripwire IP360 and Tripwire Log Center work in tandem with Red Seal Networks to produce network-aware configuration checks, auto-updated network maps, access vectors, security segmentation and threat vectors.
Our artist’s rendition shows some of the session’s key takeaways:
Fog of More: Prioritizing Your Defensive Actions with Council on CyberSecurity
We were also happy to have chief technologist Tony Sager from the Council on CyberSecurity providing his expertise on how to fight uncertainty and prioritize our actions using tools, technology, information and processes.
The Twenty Critical Security Controls attempt to tackle this problem through a community approach, which includes people, technology and policy. With this approach, first we have to find what works – Sager suggests that as security professionals we build our support network, using cases, working aids and communities-of-interest to find out what really works.
Below is a visualization of Sager’s presentation:
Tripwire + CORE Security = Attack Intelligence
In this session, Eric Cowperthwaite, Vice President of Advanced Security & Strategy at CORE Security, joined Tripwire to present tips and tricks on protecting yourself from cyber threats. In order to stay one step ahead of hackers, Cowperthwaite advises us to “think like the bad guys.”
Here’s a visual recap of Cowperthwaite’s presentation:
Maximize Visibility for Vulnerability Management
Tripwire and Lumeta presented on today’s visibility challenge that accounts for unmanaged and unsecured devices, a disappearing network edge and corporate change. Lumeta typically identifies a ~20% gap in enterprise visibility across various industries.
But what does the gap really mean? It means that network change and complexity are outpacing policy and procedures. Nowadays, being compliant simply isn’t enough because organizations can only manage and secure what they know. An effective vulnerability management strategy must incorporate comprehensive “network situational awareness” in order to actively reduce overall risk. The Lumeta and Tripwire integration of this procedure enables clients to:
- Close the gap on network visibility
- Gain comprehensive network intelligence on every connection, device and leak across the enterprise
- Address vulnerabilities and risk
Advanced Vulnerability and Configuration Management
Sri Karnam, HP Enterprise’s senior manager of product marketing, discussed with us the importance of comprehensive monitoring and analysis to extract value from our data. IDC predicts 99.5% of data is not tagged or analyzed. In other words, massive amounts of useful data are getting lost.
Karnam emphasized that by applying “big data” capabilities to security challenges, we can move from a reactive SOC to a more proactive SOC and eventually provide predictions on potential targets and threats. This way, we can gain visibility into our unstructured data and gain additional context from “big data” technologies as it relates to our security investigations.
Tripwire Enterprise, with the integration of HP ArcSight, is able to deliver this function by focusing on events and changes of interest. The solution performs advanced investigations and forensics to reduce false positives, improve speed and improve correlations.
If you missed the RSAC event, the following articles provide summaries and reviews by attendees of some of the more popular sessions that were available.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].