Breakthrough in vulnerability management enables organizations to focus on the three percent of vulnerabilities that have been or will likely be exploited in the next 28 days Tenable®, Inc., the Cyber ...
Experts from the NSA and Darktrace discuss AI, invisible security, and why you really need to change your passwords.
Tripwire Enterprise Now Collects Digital Forensic Data to Support Incident Response
PORTLAND, Ore. – November 14, 2018 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced that Tripwire® Enterprise now features the ability to collect digital forensic data in the event of a data breach.
"Tripwire Enterprise monitors systems in real-time for changes that could be indicative of a breach," said Tim Erlin, vice president of product management and strategy at Tripwire. "When a security breach is suspected, Tripwire Enterprise's new Incident Response Rules can be used to collect in-depth data on what happened on a system to speed and support incident response."
Tripwire Enterprise delivers forensic data from Windows-based systems file, network, process, USB, and USB artifacts. In each area, Tripwire Enterprise:
- File Access: Identifies files which have been opened, searched for, or executed, including trusted Microsoft Office locations which may be abused by an attacker.
- Network Artifacts: Identifies active network connections. These help in identifying whether malware is communicating with command and control servers, and check for active lateral movement from the endpoint.
- Process Execution: Provides evidence of processes which have been executed on an endpoint. Tripwire Enterprise can show both actively running and executables which have evidence of having been run in the past.
- USB Usage: Provides a list of actively installed USB drives, drives which have been installed in the past, and any mount points which may be set up on the endpoint.
- User Activity: Identifies actions the user has taken on the endpoint and what a user was searching for to help determine a malicious actor’s goal.
PORTLAND, Ore. – October 31, 2018 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, announced today that the latest version of its vulnerability management solution, Tripwire® IP360™, Version 9.0.1, has achieved Common Criteria Evaluation Assurance Level 2 augmented with Flaw Remediation (EAL2+). Tripwire IP360 is currently one of 12 “Detection Devices and Systems” recognized globally as being Common Criteria Certified, which also includes Tripwire's secure configuration management solution Tripwire Enterprise.
Internationally recognized as the evaluation standard for IT security products, Common Criteria certifications provide independent assurance to government and commercial agencies that the products being purchased satisfy security requirements for information systems.
“Tripwire IP360 has a long history of enabling governments to accurately prioritize risk and take action on their most exposed assets,” said Mitchell Jukanovich, vice president of federal at Tripwire. “Achieving the most current Common Criteria Certification illustrates Tripwire’s continuing commitment to meet increasingly stringent U.S. national and international security standards and is assurance that we’re bringing the most secure products to market.”
The certification was issued by the Communications Security Establishment (CSE), the Government of Canada’s center for IT security expertise, advice and guidance, and a participant of the Common Criteria Recognition Arrangement (CCRA). The CCRA brings together 28 nations who agree to accept a unified approach to the evaluations of IT products and protection profiles for information assurance and security.
As an industry-leading vulnerability and security risk management solution, Tripwire IP360 provides a comprehensive view of vulnerability risks across hybrid environments, including on-premise, in the cloud and in container-based environments. It offers both agent-based and agentless scanning options for a deeper, richer assessment of vulnerability risks, and prioritizes security risks within business context by combining business asset values with vulnerability scores.
Tripwire’s award-winning cyber integrity solutions are used across every DoD Branch service, including Army, Air Force, Navy, Marine Corps, numerous intelligence agencies and more than 85 percent of the Federal Government’s civilian agencies.
The Tripwire IP360 certification report is available at https://www.commoncriteriaportal.org/files/epfiles/383-4-446 CR v1.0.pdf
For more information on Tripwire IP360 please visit: https://www.tripwire.com/products/tripwire-ip360/
Tripwire for DevOps Saas Debuts – The First Dynamic Container Vulnerability Assessment Service for the DevOps Pipeline
PORTLAND, Ore. – August 08, 2018 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the debut of Tripwire® for DevOps. After pre-releasing DevOps capabilities in an early access program earlier this year, Tripwire has launched Tripwire for DevOps as a generally available software-as-a-service (SaaS) solution. Tripwire for DevOps integrates security assessments into the DevOps life cycle and toolchain, providing visibility into the security state of underlying application infrastructure throughout the pipeline.
Complementing application and source code analysis tools, Tripwire for DevOps assesses container images and container registries for vulnerabilities, with additional features, such as the ability to assess configurations for compliance with security policies, in near-term release. It integrates with the CI/CD pipeline to ensure components meet security standards as they move through build and deploy DevOps stages.
"As organizations move their application and service deployment to a DevOps model, it's vital that they integrate security into the actual process," said Tim Erlin, vice president of product management and strategy at Tripwire. "In addition to securing custom code, businesses need to ensure that the application infrastructure and inherited code remain secure throughout the life cycle. We're excited to introduce a solution that embodies what's been referred to as 'DevSecOps,' true integration of security into the DevOps workflow."
Tripwire for DevOps fully automates the assessment of container images in the CI/CD pipeline and can dynamically test live instances of application containers in an isolated, cloud-based sandbox. It can be used to establish quality gates at each stage to fail builds that don't meet defined security standards. It can also be used to simply monitor and assess repositories, providing visibility of potential risk without interfering with the roll-out process.
In a report, Gartner analysts said, "Traditional application security testing relies on heavyweight, one-time gating inspections, typically performed during testing, taking days if not weeks and requiring security professionals to perform them. This won't work and it won't scale for DevSecOps. DevOps emphasizes continuous feedback and improved automation. Security needs to adopt and support a mindset where security starts at the very beginning of the service creation, throughout the DevOps processes, and is continuous, automated and improves with each subsequent iteration."*
- Simplifying deployment and set-up, Tripwire for DevOps is a fully self-contained SaaS solution that features:
- Integration with popular DevOps CI/CD build tools, including Jenkins, & TeamCity, with additional tools coming soon.
- Compatibility with all Docker v2 repositories for container assessment.
- A complete REST API and command line interface for DevOps engineers to write custom integrations.
New functionality tackles publicly exposed cloud data; core secure configuration functionality now supports Google Cloud Platform
PORTLAND, Ore. -- (BUSINESS WIRE)--Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced expanded support for cloud environments with Tripwire® Cloud Management Assessor (CMA). The solution now features File Integrity Monitoring (FIM) capabilities for addressing publicly exposed data in the cloud, and its core secure configuration management functionality now supports all major cloud providers, including Google Cloud Platform.
"Tripwire is dedicated to helping organizations implement critical security controls in their environments, especially as these environments grow more complex with the adoption of hybrid and multicloud models," said Tim Erlin, vice president of product management and strategy at Tripwire. "We've expanded our capabilities to help organizations keep their cloud environments properly configured and prevent inadvertent exposure of their data."
New capabilities for addressing publicly exposed cloud data
Tripwire CMA's new File Integrity Monitoring (FIM) capabilities allow organizations to discover publicly exposed cloud instances or "buckets." In light of several recent incidents where sensitive information was mistakenly left exposed on cloud servers, Tripwire CMA can be used to ensure buckets are properly configured and data is kept secure.
The new FIM capabilities currently cover AWS S3 and Azure Blob and provide change monitoring of files stored in the cloud, as well as providing alerts to public-facing files and flagging suspicious or unauthorized changes. Additionally, these capabilities provide actionable information for mitigating issues.
Secure configuration expanded to support all major cloud providers
Tripwire CMA was launched in 2017 to help customers determine the security state of their cloud deployments by gathering, analyzing and scoring configuration data. It ensures that consoles are securely configured according to Tripwire policies, enabling customers to follow industry best practices like the Center for Internet Security (CIS) benchmarks. In addition to supporting AWS and Azure, Tripwire CMA’s core security configuration management functionality has expanded to include Google Cloud Platform. The cybersecurity solution monitors configuration changes that may affect the confidentiality, integrity or availability of a user’s cloud assets.
With over 2,600 members, the Security Institute is the leading organisation for security professionals in the UK. Membership benefits include excellent networking opportunities at educational and social events at UK-wide venues, special interest groups, careers support and partnership opportunities between the Institute and other specialist organisations.