TRIPWIRE VIA PLATFORM PROTECTING YOUR DATA WITH INTEGRATED SECURITY CONTROLS

Transcription:

SOLUTION BRIEF

TRIPWIRE VIA PLATFORM: PROTECTING YOUR DATA WITH INTEGRATED CONTROLS

Tripwire security controls capture activity data from monitored assets no matter if you rely on physical, virtual, or cloud-based IT infrastructure. The Tripwire VIA platform provides the information you need to evaluate risk to your infrastructure and protect your sensitive data, all from a central, intuitive user interface.

Cyber threats continue to grow, with attacks occurring more frequently and targeting valuable and sensitive data such as intellectual property, health and financial records, and more. Recent attacks on Sony, the IMF, Citibank, Lockheed Martin, the CIA and RSA are proof of this trend. In addition, enterprise IT infrastructure has more servers and devices than ever, with organizations relying on a combination of virtual, physical and cloud environments.

While organizations often have preventive, detective and corrective security controls, rarely are they effectively integrated with each other. They're also being used to protect a security perimeter that is now more porous than ever. As a result, continuously managing these controls in the traditional, non-integrated way has become ineffective, time-consuming and expensive. Something has to change.

The modern enterprise requires a new defense paradigm to protect their business from security threats. Not perimeter-based, but data-centric, and that can readily combine key information from multiple critical security controls to easily identify risks and threats and protect critical infrastructure and sensitive data. This new paradigm must also streamline and simplify the job of managing the data these controls generate. Tripwire VIA, an integration platform for your critical security controls, provides this much-needed new approach.

THE TRIPWIRE VIA PLATFORM: PROACTIVE AND CONTINUOUS DATA PROTECTION

The Tripwire VIA platform changes the way organizations protect their critical data by combining protective, detective and corrective controls to prevent breaches from occurring, detect threats as they arise, and correct settings that introduce security risk or non-compliance. By integrating protective security controls and continuous monitoring across those controls, the Tripwire VIA platform lets you combine, view and act on the valuable data your controls provide in new ways that improve security and ensure continuous compliance. But it provides much more. The platform also:

- Helps you manage monitored assets more intuitively and in the context you need, for example by risk level, geographic location, and business unit.
- Includes proprietary Tripwire security content that immediately protects against the most common attacks by hardening configurations and identifying suspicious behavior.
- Lets you use data from the various controls for analytics and reporting in Tripwire dashboards and reports, third party reporting or business intelligence tools.
- Unifies security control through automated workflows to address key IT security needs, for example correlating change and security event data to highlight events of interest.

CONTROLS IN THE TRIPWIRE VIA PLATFORM

Numerous industry sources like the SANS Institute and the National Institute for Standards and Technology (NIST) voice the need for critical controls to protect sensitive data. They have even defined the critical security controls required to protect your organization. The Tripwire VIA platform offers three of these foundational security controls: security configuration management (SCM), file integrity monitoring (FIM), and log management, along with other important security controls like security information and event management (SIEM) and automated configuration remediation. It offers these controls through two industry-trusted solutions: Tripwire Enterprise and Tripwire Log Center.

SECURITY INCIDENTS ON THE RISE, CURRENT USE OF CONTROLS INEFFECTIVE

- It's not a matter of if, but when an organization will be attacked. The organizations researched experienced 50 successful attacks per week, and more than one successful attack per company per week. Collectively, over 80 percent of the organizations experienced a data breach in the past year. (Source: Second Annual Cost of Cybercrime Study by Ponemon Institute, released August 2011)
- From 2005 to 2010, 787 million records were stolen in 3000+ security incidents. By mid-2011, 127 million more records had already been stolen in 369 incidents. (Source: Open Security Foundation DataLoss DB Year-to-Date Report updated July 21, 2011, from http://datalossdb.org)
- In 2010, 87 percent of organizations had evidence of a breach in their log files that went unnoticed. (Source: Verizon 2011 Data Breach Investigations Report)

FIG. 1 Tripwire VIA platform layers, controls and components. [Figure labels: platform layer (Content, Context, Analytics, Workflow); controls: Security Configuration Management (Policy Management, File Integrity Monitoring, Configuration Remediation) and Log and Event Management (Log Management, SIEM); API layer; agent layer.]

Tripwire Enterprise, a complete SCM product suite, prevents data compromise by reducing the attack surface through security hardening of IT systems. Tripwire Enterprise includes Tripwire's Policy Manager, File Integrity Manager and Remediation Manager to rapidly achieve and maintain a foundational state of security throughout your IT infrastructure. Tripwire Log Center combines log and SIEM capabilities in a single product suite to help you respond to IT security threats in real time and provide you with forensic evidence to investigate a breach.

TRIPWIRE VIA PLATFORM COMPONENTS

Component type: Content
Explanation: Rules and policy libraries that help harden systems, detect malicious activity and meet compliance requirements.
For example: Cybercrime Controls. Select, foundational set of Tripwire proprietary security content that protects against the most common types of attacks on servers, and hardens systems based on industry-recognized IT security sources such as the Center for Internet Security. Regularly updated and expanded, and available as a customer download.

Component type: Context
Explanation: Tools that enable users to see activity data, assets and other relevant security items in a big picture view.
For example: Events of Interest. Change data and security data alone can give some indication of threats to security. But by integrating and correlating Tripwire FIM and SCM with Tripwire SIEM through the Tripwire VIA platform, you can see what change and events occurred around one or more security events, or vice versa, to more definitively identify, prioritize and investigate events of interest.

Component type: Analytics
Explanation: Tools that support business decision making by using data provided by security controls.
For example: Tripwire VIA Configuration Data Mart. Currently, there's no standard way to collect and consolidate data from controls for easy use in third-party tools for business decision making. The Configuration Data Mart collects configuration data in a standard way so it can be used with Tripwire reports and dashboards as well as with third-party reporting, business intelligence and analysis tools.

Component type: Workflow
Explanation: Tools that enable solutions to communicate with each other to support activities like sharing data.
For example: Integrations and APIs. Tripwire VIA provides an extensible platform for integrating a variety of security controls as well as third party business intelligence and reporting tools. For example, the Event Integration Framework enables SIEM solution data to be easily viewed within the context of industry-recognized change data generated by Tripwire Enterprise.

FIG. 2 Tripwire VIA helps you get more value from your security controls through centralized security content, context, analytics and workflow components.

With Tripwire VIA, you can integrate, automate, and centrally manage the following foundational security controls:

- Tripwire Policy Manager. Policy Manager hardens configurations by assessing them against government and industry regulations and standards, as well as internal security policies. Tripwire offers the most extensive security and compliance policy library in the industry and ensures you have the most up-to-date policy protection for your critical configurations.
- Tripwire File Integrity Manager. Tripwire's best-of-breed FIM solution establishes a known and trusted state baseline for all monitored IT assets in heterogeneous IT environments. It then detects all changes to these assets in real time, determining if the change introduces risk, is unauthorized or unexpected, or impacts compliance status. File Integrity Manager captures who, what, where and when details of each change with minimal performance impact.
- Tripwire Remediation Manager. Remediation Manager automatically returns a configuration to a known and trusted state. It also supports review workflows to ensure that remediation is requested, approved and implemented according to your policies.
- Tripwire Log Management. Tripwire's log management solution efficiently captures and stores activity data from your IT assets, including servers, devices and applications. Because it stores this data in a highly searchable format, organizations have an audit trail for forensic investigation and proof of compliance. Activity data can also be combined with other critical event data for more effective incident management.
- Tripwire Security Information and Event Management (SIEM). Tripwire SIEM immediately detects and alerts IT to security events of interest occurring across firewalls, intrusion detection systems, vulnerability scans and more. With Tripwire VIA, even SIEM event data from 3rd-party tools can be correlated with FIM change data and SCM state/policy data to help identify suspicious activity.

THE SIMPLE NATURE OF MOST SUCCESSFUL ATTACKS

Many of today's successful attacks could have been easily prevented. The Verizon 2011 Data Breach Investigations Report noted that 92 percent of all successful attacks investigated were not highly difficult, and 96 percent could have been prevented with only simple or intermediate controls properly implemented.

PRE- AND POST-INCIDENT PROTECTION WITH TRIPWIRE VIA

Tripwire VIA protects the infrastructure before an incident occurs and helps you recover, should you experience one, through visibility, intelligence and automation. Security dashboards reveal settings that need remediation and the Tripwire VIA Asset View lets you quickly view your assets in whatever context you need. Both are examples of how Tripwire VIA provides unmatched visibility to security-related activity across the infrastructure.

The platform also provides the intelligence you need to defend against attacks and detect breaches before they cause significant damage. For example, with policies that harden critical configurations, Cybercrime Controls that automatically detect specific breach methodologies and malicious activity, and change intelligence from ChangeIQ that helps you focus on the changes that pose the biggest security threats.

Automation underlies these capabilities, enabling security professionals to realistically and effectively manage the volume of activity that occurs across the infrastructure every day. For example, Remediation Manager automatically returns configurations to a known and trusted state, Tripwire FIM generates alerts when it detects a suspicious change, and Hyperlogging immediately detects disabled logging on critical assets and within seconds automatically re-enables it.

And if you do experience an incident, Tripwire helps you quickly recover before significant damage can occur. With automated reports and dashboards, you can see what's happening now, but you also have proof of past activity for audits and forensic investigations.

UNPRECEDENTED DATA PROTECTION WITH THE VIA PLATFORM

The sheer number of attacks and records stolen in the last year points to the need for a new approach for protecting your sensitive data and critical infrastructure. The Tripwire VIA platform meets that need with visibility, intelligence and automation. By integrating and automating your critical security controls, Tripwire VIA provides unprecedented data and infrastructure protection. Reduce the attack surface of your infrastructure, detect security threats and risk, and quickly respond to events before suffering financial and brand damage. More integrated, more automated: it's a new way to take control.

LOOKING FOR ADDITIONAL INFORMATION? VISIT TRIPWIRE.COM/VIA
Additional pieces: Tripwire VIA products brochure, Tripwire Enterprise product brief, Tripwire Log Center product brief.

Tripwire is a leading global provider of IT security and compliance automation solutions that help businesses, government agencies, and service providers take control of their physical, virtual, and cloud infrastructure. Thousands of customers rely on Tripwire's integrated solutions to help protect sensitive data, prove compliance and prevent outages. Tripwire VIA, the integrated compliance and security software platform, delivers best-of-breed file integrity, policy compliance and log and event management solutions, paving the way for organizations to proactively achieve continuous compliance, mitigate risk, and ensure operational control through Visibility, Intelligence and Automation.

LEARN MORE AT WWW.TRIPWIRE.COM AND @TRIPWIREINC ON TWITTER.

© 2011 Tripwire, Inc. Tripwire, VIA and ChangeIQ are trademarks of Tripwire, Inc. All other product and company names are property of their respective owners. All rights reserved.