Here at The State of Security, we cover everything from breaking stories about new cyberthreats to step-by-step guides on passing your next compliance audit.
But today we’d like to offer a straight-forward roundup of the Tripwire product suite. Get to know the basics of Tripwire’s core solutions for FIM, SCM, VM and more. Without further ado:
Tripwire’s flagship product is the industry standard for integrity monitoring and security configuration management. It provides fully-integrated solutions for policy, file integrity monitoring (FIM) and remediation management. Tripwire Enterprise is a security configuration management (SCM) suite that provides fully integrated solutions for policy, file integrity and remediation management. Organizations can use these solutions together for a complete end-to-end SCM solution, or use its file integrity monitoring or policy management solutions on their own to address today’s pressing security and compliance challenges—while building a foundation that positions them to address tomorrow’s.
The suite lets security, compliance and operations teams rapidly achieve a foundational level of security across your entire enterprise, including on-premise, cloud and industrial assets, by reducing the attack surface, increasing system integrity and delivering continuous compliance. Plus, because Tripwire Enterprise integrates with enterprise applications to automate workflow with additional security point solutions like SIEMs and change management tools, organizations can broaden their security worldview and gain even greater efficiencies.
Tripwire File Analyzer
Tripwire File Analyzer is another extension of Tripwire Enterprise that enables you to determine whether new files introduced in your environment include malware. Should any unwarranted changes appear on the critical servers monitored with Tripwire Enterprise, Tripwire File Analyzer can immediately inspect the changed or new file to identify malicious behavior.
Tripwire File Analyzer spins up suspicious files into a protected sandbox environment for inspection. A comprehensive PDF report is then provided within the Tripwire Enterprise console.
Tripwire Configuration Manager
Tripwire Configuration Manager is your tool for automatically enforcing the configuration of your cloud assets based on Amazon Web Services (AWS) and Microsoft Azure. This takes work off the plate of your already busy security staff, as it’s doing this work on -based assets for you. This will save you and your security team time—you have the option to have your configuration automatically enforced. Additionally, Tripwire Configuration Manager will prioritize all misconfigurations with a risk score, so your security staff can immediately address the most crucial problems first.
Tripwire IP360, Tripwire’s vulnerability management (VM) solution, helps you discover assets, identify vulnerabilities and prioritize risks. This enterprise-class vulnerability management solution enables cost-effective reduction of cyberthreat risk by focusing your remediation efforts on the highest risks and most critical assets.
The latest release introduces agent-based vulnerability management (ABVM). Agents enhance Tripwire
IP360’s core functionality by bypassing the need for access credentials and by reducing overall network traffic. ABVM includes dynamic IP endpoints and occasionally-connected devices, providing more accurate vulnerability assessment of your assets. ABVM can also be used to strengthen your cloud assets’ security by building agents directly into cloud images.
Security professionals at all levels require a foundational level of security and must have proven ways to demonstrate how it protects the organization’s assets, services and business initiatives. Tripwire Connect, the visualization and reporting platform purpose-built for Tripwire Enterprise, makes this possible.
Incremental data transmissions of all Tripwire Enterprise data sources enables near-real time reporting. Transferring only the “delta” change data reduces network bandwidth and speeds analysis. Tripwire Connect provides consolidated reporting and dashboards for SCM data across multiple TE consoles, VM data across IP360 systems, and SCM Cloud Account Data from Configuration Manager all in one place.
Tripwire® Log Center®
Tripwire Log Center collects, analyzes and correlates log data from devices, servers and applications. It offers customizable dashboards with an easy drag-and-drop interface. Its correlation engine automatically identifies and responds to events of interest using a logical flow of one or more conditions. Actions can include creating a work ticket, sending a notification email, or running a command. Tripwire Log Center can also integrate with Tripwire Enterprise and tripwire IP360 to detect and respond to anomalies and suspicious activities.
A new capability of Tripwire Log Center 7.3, Passive Asset Discovery, allows customers to discover previously unidentified assets through analysis of their log data. After discovery, the assets can then be added to your environments for further monitoring by Tripwire Log Center.
Tripwire ExpertOps extends your staff with a dedicated engineer who’s always in sync with your team. You’ll see rapid time to value with consolidated services that quickly align your systems with multiple compliance standards—all hosted on single-tenancy cloud infrastructure. Tripwire ExpertOps provides a cloud-based managed services version of the industry’s best FIM and SCM.
A single subscription in one of three available tiers provides ongoing, personalized consulting from trained experts and hands-on tool management to help you achieve and maintain compliance and critical asset security. It provides stretched IT teams an alternative to the difficult process of purchasing, deploying and maintaining products.
Tripwire’s managed service is available for Tripwire Enterprise, Tripwire IP360, and Tripwire Industrial Visibility. There is also a version of ExpertOps that runs in a FedRamp certified environment.
Tripwire Industrial Visibility
Tripwire Industrial Visibility provides ICS operators with total clarity into the devices and activity on their network. It uses deep packet inspection, change management, event logging, and threat detection to help you keep your most sensitive assets out of intruders’ reach. This solution protects against unwanted change in your OT environment, using passive scanning and detection to keep you operating at peak availability and uptime.
The Tripwire Industrial Visibility solution solves operational challenges with continuous threat monitoring and advanced logging intelligence that gives you deep, granular ICS visibility. Tripwire Industrial Visibility gathers threat data that could threaten the safety and availability of your OT environment by analyzing network traffic and conducting deep packet inspection. It’s fluent in over 40 of the native industrial protocols commonly found in ICS, making sense of the floods of data produced by your entire range of IIoT-connected industrial devices.