In my last, although certainly not least, post in this series, we’ll take a look at how enterprises are using Tripwire Log Center—our log intelligence solution that enables our customers with the best features of a SIEM.
In my first two posts of the series (here and here), we focused on Tripwire IP360 and Tripwire Enterprise. To round out this series, this article focuses on Tripwire Log Center—our log intelligence solution that brings real-time intelligence to machine data with fast security analytics and forensics for rapid incident response.
We are excited to share with you more results that we have gathered using TechValidate, a third-party research firm.
Not familiar with Tripwire Log Center?
Tripwire Log Center enables customers to better manage high volumes of data for security and compliance, providing a robust log management solution to ensure data is collected securely and reliably without impacting network performance. Tripwire Log Center provides this peace of mind, by delivering advanced log collection, encryption and storage, as well as a collecting and forwarding capability for robust enterprise integration.
Taking a look at our surveyed Tripwire Log Center customers, below you can find the top challenges that were addressed with this solution:
Reliable, resilient and secure log collection for security and compliance
One of the biggest challenges organizations face when meeting compliance or trying to determine root cause of an attack is the possibility that the required data has been lost – or was never collected. Tripwire Log Center ensures that organization can meet regulatory requirements around complete, secure and reliable log collection.
The agent used to collect and forward log data ensures that if a system, device or other assets goes down, you have 100 percent certainty that you’ve got all of the data. As we provide high level of compression to reduce storage demands, while simultaneously protecting logs from alteration.
“Tripwire Log center provides our company visibility into various event types being collected as well as reporting on these events.” Source: IT Specialist, Medium Enterprise Financial Services Company (TVID: 2A4-A57-EA2)
Tracking potential threats to the organization in real-time
Tripwire Log Center supports early threat detection in several key ways. It collects data from devices, servers, application and automated security processes and forwards only the actionable, relevant data to the security intelligence solution or security teams. You can easily set up advanced correlation rules that review this data to detect and alert on suspicious activity around your high-value assets.
When integrated with Tripwire Enterprise, Tripwire Log Center expands the ability to create rules that detect and alert on suspicious events related to changes that affect the security and compliance state of your system, providing even richer business context.
Correlating Data from Separate systems within the Organization
Many enterprise organizations use additional systems to get real-time alerts on suspicious events. These systems often keep only a subset of the log data they collect and only for a limited amount of time. For this reason, organizations often require their compliance and operations departments to have a log management solution that serves as the trusted and primary collector of all logs.
Tripwire Log Center not only provides secure and reliable log capture, but can pass raw log data or specific event data to other systems for further analysis. Bonus: With Active Directory integration, Tripwire Log Center seamlessly gathers user entitlement, groups, roles and other attributes that already exist in your Active Directory environment to help you more accurately detect suspicious activities.
“Tripwire Log Center’s events correlation capability is really useful, and having Audit Logger ready for any in-depth investigation has a great use for our day-by-day activities.” Source: IT Professional, Medium Enterprise Automotive & Transport Company (TVID: 85B-18B-69A)
Visit our Tech Validate portal here to see additional survey results from our users and learn how these products can help solve your security problems:
Until next time,
- You Talked, We Listened: Overcoming Customer Challenges, Part II
- How To Ruin Your Day But Save Your Year
- You Talked, We Listened: Overcoming Customer Challenges
- Cyber Resiliency: Harden Your Systems
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Header image courtesy of ShutterStock