How Attackers Exploit People to Circumvent Cyber... » LONDON, UK: Proofpoint, Inc. has released the results of its annual study that details the ways atta... Check Point and FireEye announce new partnership t... » San Francisco, CA: Check Point Software Technologies Ltd and FireEye have announced a partnership to... gateprotect offers companies high security encod... » Hamburg: gateprotect GmbH, a German IT security specialist and subsidiary of the Rohde & Schwarz cor... BeyondTrust Solution for Privileged Account Manage... » PHOENIX: BeyondTrust has announced that the company’s PowerBroker for Windows has been selected as a... The end of Goodluck and the beginning of the Buhar... » Against all odds, the 2015 Presidential election initially billed for February 14, but rescheduled t... Thales announces integration of nShield with Citr... » San Francisco, CA and Plantation, Fla.:  Thales has announce the integration of its nShield hardware... Thales wins with customer Qube Cinema 2015 InfoSec... » Thales has won the silver award for Best Deployment and Case Study in InfoSecurity Products Guide Gl... Wick Hill now shipping Barracuda Mobile Device Man... » Woking, Surrey: Wick Hill is now shipping Barracuda’s Mobile Device Manager (MDM) solution with supp... Databarracks recognised in Gartner's Magic Quadran... » London: Databarracks has been recognised in Gartner’s Magic Quadrant for Disaster Recovery as a Serv... Campaigners draw up battle lines to boost power... » Gate safety campaigners are once again mounting a high profile drive to raise awareness of the safet...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

LONDON, UK: Tripwire, Inc., a global provider of risk-based security and compliance management solutions has announced Tripwire® Enterprise™ version 8.3 featuring a new, stand-alone Policy Manager™. Tripwire Policy Manager provides the detailed visibility into system configurations critical to minimizing security risks and ensuring compliance.

Ensuring IT infrastructure is always configured properly is a crucial component of cybersecurity and is required by every major compliance regulation. The rapid rate of change across enterprise network devices, operating systems and applications makes it difficult to maintain continual visibility into system configurations and control their compliance status. Without this visibility, it is extremely difficult to detect early cybersecurity attack indicators and respond to them quickly. It’s also time consuming and costly to provide evidence of compliance to the increasing number of internal and external policies and regulations affecting enterprises.

“Hardening and managing the security configuration of every device on your network is a ‘must-do’ part of any security program,” said Tony Sager, director of programs for the Council on Cybersecurity. “This is a prominent part of the SANS Top 20 Critical Security Controls because it is foundational to almost anything else in your security program.”

Tripwire Policy Manager, a key component of Tripwire Enterprise, is now available as a stand-alone, upgradable license to protect, detect and correct configuration hardening issues affecting IT infrastructure integrity. Tripwire Policy Manager uses Tripwire’s industry leading, customizable policy library drawn from 20 unique global, international and U.S. policy sources including:

· Payment Card Industry Data Security Standard (PCI DSS).

· Center for Internet Security benchmarks (CIS).

· International Organization for Standardization (ISO-27001).

· Health Information Portability and Accountability Act (HIPAA).

· Federal Information Security Management Act (FISMA).

· Defense Information Security Agency Security Technical Implementation Guides (DISA STIGS).

· SANS Institute 20 Critical Security Controls (20 CSC).

· North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP).

· National Institute of Science and Technology (NIST) draft framework for critical infrastructure cybersecurity.

· Sarbanes-Oxley (SOX).

· CESG Good Practice Guide (GPG-13).

Tripwire’s policy library supports over 250 policy-platform combinations for operating systems including Windows, Solaris and AIX; a wide variety of database vendors including IBM DB2, Oracle and MS SQL Server; and numerous application and network devices. It offers over 189,000 unique, ready-to-use configuration tests, dramatically simplifying visibility, assessment and remediation of thousands of configuration variables.

Policy Manager also includes Tripwire Cyber Crime Controls™, a customized set of tests and rules based on CIS benchmarks that allow users to quickly get a clear picture of malware defenses, immediately identify early breach indicators and take an exception-based approach to managing security configuration changes. Tripwire Cyber Crime Controls identify configuration changes used in the most common cybersecurity attack vectors, allowing users to quickly identify and focus resources on changes that present the most significant security risks.

“Tripwire Policy Manager provides users with a huge range of flexibility, making it far easier to reduce their attack surface and prevent cybersecurity breaches,” said Steve Hall, director of product marketing at Tripwire. “Users can try SecureCheq™, a free version of Policy Manager, and get access to a half dozen critical vulnerability checks as well as detailed remediation advice. Policy Manager expands on the coverage available in SecureCheq to provide more comprehensive coverage across the enterprise. It’s the equivalent of locking the doors and windows across your entire network.”