Here at The State of Security, we cover everything from breaking stories about new cyberthreats to step-by-step guides on passing your next compliance audit. But today we’d like to offer a straight-forward roundup of the Tripwire product suite. Get to know the basics of Tripwire’s core solutions for FIM, SCM, VM and more. Without further ado:
Tripwire’s flagship solution is the industry standard for integrity monitoring and security configuration management. It provides fully-integrated solutions for policy, file integrity monitoring (FIM) and remediation management. Tripwire Enterprise is a security configuration management (SCM) suite that provides fully integrated solutions for policy, file integrity and remediation management. Organizations can use these solutions together for a complete end-to-end SCM solution, or use its file integrity monitoring or policy management solutions on their own to address today’s pressing security and compliance challenges—while building a foundation that positions them to address tomorrow’s.
The suite lets security, compliance and operations teams rapidly achieve a foundational level of security across your entire enterprise, including on-premise, cloud and industrial assets, by reducing the attack surface, increasing system integrity and delivering continuous compliance. Plus, because Tripwire Enterprise integrates with enterprise applications to automate workflow with additional security point solutions like SIEMs and change management tools, organizations can broaden their security worldview and gain even greater efficiencies.
Tripwire ExpertOps provides a cloud-based managed services version of the industry’s best FIM and SCM. Your staff will receive an experienced engineer who's always in sync with your team. You'll see rapid time to value with consolidated services that quickly align your systems with multiple compliance standards—all hosted on single-tenancy cloud infrastructure.
A single subscription in one of three available tiers provides ongoing, personalized consulting from trained experts and hands-on tool management to help you achieve and maintain compliance and critical asset security. It provides stretched IT teams an alternative to the difficult process of purchasing, deploying and maintaining products.
Tripwire’s co-managed service for SCM, FIM, policy management, and much more integrates with Tripwire Enterprise, Tripwire® IP360™, and Tripwire Industrial Visibility.
Tripwire State Analyzer
Tripwire State Analyzer eases the burden of change management with centralized allow listing of authorized network ports, installed software, running services, and more— working in tandem with Tripwire IP360 and Tripwire Enterprise to automatically validate detected system configurations and report on its findings. These reports contain the audit justifications for detected configurations, creating a clear audit trail while alerting you to unauthorized system changes that could indicate a potential compromise or security risk.
The solution lends itself to a streamlined compliance process with a number of regulatory standards including PCI DSS, NERC CIP, the CIS controls, and more. It also works with FoxGuard to equip users with a complete patch management process, from selection to validation and auditing. Most important of all, Tripwire State Analyzer is scalable, flexible, and easy to maintain.
Tripwire Configuration Manager
Tripwire Configuration Manager is your tool for automatically enforcing the configuration of your cloud assets based on Amazon Web Services (AWS) , Microsoft Azure, and Google Cloud Platform (GCP) all on the same console. This tool can also scan the configuration states of third party applications Salesforce and Zoom. To save your team time and to reduce the opportunity for threat actors to take advantage of a vulnerability, you have the option of automatically enforcing your configurations when changes are made that take them out of their compliant state. Additionally, Tripwire Configuration Manager will prioritize all misconfigurations with a risk score, so your security staff can immediately address the most crucial problems first.
Tripwire IP360, Tripwire’s vulnerability management (VM) solution, helps you discover assets, identify vulnerabilities and prioritize risks. This enterprise-class vulnerability management solution enables cost-effective reduction of cyberthreat risk by focusing your remediation efforts on the highest risks and most critical assets.
This solution includes agent-based vulnerability management (ABVM). Agents enhance Tripwire
IP360’s core functionality by bypassing the need for access credentials and by reducing overall network traffic. ABVM includes dynamic IP endpoints and occasionally-connected devices, providing more accurate vulnerability assessment of your assets. ABVM can also be used to strengthen your cloud assets’ security by building agents directly into cloud images.
Security professionals at all levels require a foundational level of security and must have proven ways to demonstrate how it protects the organization’s assets, services and business initiatives. Tripwire Connect, the visualization and reporting platform purpose-built for Tripwire Enterprise, makes this possible.
Incremental data transmissions of all Tripwire Enterprise data sources enables near-real time reporting. Transferring only the “delta” change data reduces network bandwidth and speeds analysis. Tripwire Connect provides consolidated reporting and dashboards for SCM data across multiple TE consoles, VM data across IP360 systems, and SCM Cloud Account Data from Configuration Manager all in one place.
Tripwire Log Center collects, analyzes and correlates log data from devices, servers and applications. It offers customizable dashboards with an easy drag-and-drop interface. Its correlation engine automatically identifies and responds to events of interest using a logical flow of one or more conditions. Actions can include creating a work ticket, sending a notification email, or running a command. Tripwire Log Center can also integrate with Tripwire Enterprise and tripwire IP360 to detect and respond to anomalies and suspicious activities.
Another notable capability of Tripwire Log Center is Passive Asset Discovery. This allows customers to discover previously unidentified assets through analysis of their log data. After discovery, the assets can then be added to your environments for further monitoring by Tripwire Log Center.
Tripwire Industrial Visibility
Tripwire Industrial Visibility provides ICS operators with total clarity into the devices and activity on their network. It uses deep packet inspection, change management, event logging, and threat detection to help you keep your most sensitive assets out of intruders’ reach. This solution protects against unwanted change in your OT environment, using passive scanning and detection to keep you operating at peak availability and uptime.
The Tripwire Industrial Visibility solution solves operational challenges with continuous threat monitoring and advanced logging intelligence that gives you deep, granular ICS visibility. Tripwire Industrial Visibility gathers threat data that could threaten the safety and availability of your OT environment by analyzing network traffic and conducting deep packet inspection. It’s fluent in over 40 of the native industrial protocols commonly found in ICS, making sense of the floods of data produced by your entire range of IIoT-connected industrial devices.