Tripwire adds security policy management

Applying strong policies to the management of cloud services is increasingly being seen as a primary tool in creating secure environments, and providing a management environment for those policies has been the target with the latest, Version 8.3, of Tripwire Enterprise.

Developed by US-based Tripwire Inc., a specialist in risk-based security and compliance management solutions, this latest version now includes Policy Manager. This is a stand-alone policy management tool that provides detailed visibility into the system configurations that are critical to minimising security risks and ensuring compliance.

Getting IT infrastructure configured properly is not only a crucial component of cyber-security: it is also a requirement of every major compliance regulation. The trouble for many businesses, however, is that the rapid rate of change across enterprise network devices, operating systems and applications makes it difficult to maintain continual visibility into system configurations and control their compliance status.

But without this visibility, it becomes extremely difficult to detect early indicators of a cyber-security attack, let alone respond to them quickly.

Another factor is the negative impact core business activities, for it is both time-consuming and costly to provide the necessary evidence of compliance to the increasing number of internal and external policies and regulations that now directly affect enterprises.

Tripwire Policy Manager uses Tripwire’s own, customisable policy library, which is itself sourced from 20 global, international and U.S. policy-making bodies, including the Payment Card Industry Data Security Standard , Center for Internet Security benchmarks, International Organization for Standardization, Health Information Portability and Accountability Act, Federal Information Security Management Act, Defense Information Security Agency Security Technical Implementation Guides, SANS Institute 20 Critical Security Controls, North American Electric Reliability Corporation Critical Infrastructure Protection, National Institute of Science and Technology (NIST) draft frameworkfor critical infrastructure cybersecurity, Sarbanes-Oxley, and CESG Good Practice Guide.

This library supports over 250 policy-platform combinations for operating systems including Windows, Solaris and AIX; a wide variety of database vendors including IBM DB2, Oracle and MS SQL Server; and numerous application and network devices. It offers over 189,000 ready-to-use configuration tests, which provides visibility, assessment and remediation of thousands of configuration variables.

The latest version of Policy Manager also includes Tripwire Cyber Crime Controls, a customised set of tests and rules based on CIS benchmarks that allow users to quickly get a clear picture of their current malware defenses. It can immediately identify early breach indicators and take an exception-based approach to managing security configuration changes.

It can also identify the configuration changes used in the most common cyber-security attack vectors, allowing users to quickly identify and focus resources on changes that present the most significant security risks.

“Tripwire Policy Manager provides users with a huge range of flexibility, making it far easier to reduce their attack surface and prevent cyber-security breaches,” said Steve Hall, director of product marketing at Tripwire. “Users can try SecureCheq,a free version of Policy Manager, and get access to a half dozen critical vulnerability checks as well as detailed remediation advice. Policy Manager expands on the coverage available in SecureCheq to provide more comprehensive coverage across the enterprise. It’s the equivalent of locking the doors and windows across your entire network.”