TL; DR: For two decades, Tripwire has stood at the forefront of security, compliance, and IT operations, helping thousands of businesses and more than half of the Fortune 500 protect their data online. The company’s long history and expertise provides an optimal vantage point to understand how threats emerge and evolve in today’s fast-moving technological landscape. Tripwire’s solutions deliver the most critical security and controls and have been developed to prevent the headaches and heartaches associated with lost time and revenue caused by data breaches. With a toolbox full of instruments to identify, mitigate, and respond to online attacks, and a dedication to innovation by deepening data reporting, Tripwire is sure to continue its rich tradition of safeguarding the online assets of modern businesses around the world well into the foreseeable future.
The increasing prevalence of data breaches has desensitized many of us to the news of attacks on the networks of large businesses and organizations. But, with institutions housing a vast number of personal and proprietary data on more connected devices and networks, plus the world’s growing reliance on web-based systems crucial to maintaining infrastructure and operations, these intrusions should remain front-page fodder.
A recent and especially insidious attack came in June of 2017 in the form of a new type of ransomware that crippled the networks of companies across continents. Ukraine, where the malware originated, was the hardest hit and suffered major barrages to its government organizations, banks, businesses, and other infrastructure-integral institutions that brought the country’s operations to a screeching halt.
To prevent exposure to such hazards, modern organizations must employ a robust online security solution capable of adapting to the ever-changing threat matrix. And, for 20 years, Tripwire has been providing thousands of enterprises just that.
Tripwire’s two-decade history in the security space places the company in a perfect position to understand how threats emerge and evolve to target businesses in the modern technological landscape. Tripwire delivers the most critical security controls, helping customers understand their attack surface, minimize it, and effectively manage it. Effective protection begins with vulnerability intelligence to keep networks secure, and, when combined with logging, compliance, and file integrity tools, Tripwire’s risk assessment consultation has saved its partners countless hours and revenue from would-be attacks.
“My goal with Tripwire right now is building the intelligence behind what our product can do,” said Travis Smith, Tripwire’s Senior Security Researcher. “It’s all in the amount of data you collect and how accurate it is.”
With a knowledge base that’s 20 years in the making, Tripwire can provide organizations the insights and tools they need to identify, respond to, and mitigate online threats.
20+ Years in Web Security Provides Deep Insight Into How Threats Evolve
Since 1997, Tripwire has been helping enterprises and more than half of the Fortune 500 detect and protect against attacks with an integrated solutions portfolio that includes file integrity monitoring, configuration management, asset discovery, vulnerability management, and log collection. Among the first of Tripwire’s projects was the initial source code created by co-founder Gene Kim.
Travis told us that over the course of the company’s 20-year history the code has evolved from an open-source version of an intrusion detection monitor into an enterprise-grade security solution.
“If you look at the way attackers work — whether that is 20 years ago or 20 days ago — it all comes down to something changing in the environment,” Travis said. “The tools that criminals are using to try to break into an environment are changing all the time.”
Traditionally, security companies have used signature-based detection tools to identify suspect code lurking among seemingly legitimate data. Although these tools have fallen out of relevancy, companies, like Tripwire, have evolved their means of detection to keep pace with web criminals.
The changes Travis mentioned can include modifications to files, directories, ports, and services. Unmonitored, these alterations can leave systems open to attack, and many of Tripwire’s tools specialize in preventing these vulnerabilities.
In 2005, Tripwire Enterprise was released as the company’s flagship product. Tripwire Enterprise manages IT configurations, which are common targets among attackers.
In 2010, Tripwire Log Center was released, making early and rapid detection of complex attacks possible. Adding to its already robust portfolio of solutions, Tripwire acquired nCircle in 2013 to continue its dedication to delivering reliable, customer-driven security solutions.
Customer-Focused Solutions to Identify & Mitigate Online Hazards
Tripwire features a comprehensive toolset of foundational security controls — complete with monitoring and risk assessment — that saves businesses time and money by keeping data safe and operations running.
“So many people choose Tripwire over other vendors because we’re one of the oldest in the market,” Travis said. “We take a lot of pride in our products.”
Time and cost can be saved with regard to compliance audit preparation and data loss prevention. Tripwire’s solutions include file integrity management, policy enforcement, and data logging to monitor all points of change within an infrastructure.
“We try to solve problems depending on what a customer specifically needs,” Travis said. “It’s what drives our product development.”
Construct a Fortified Enterprise Foundation With a Comprehensive Tool Set
Tripwire Enterprise features a portfolio of configuration management tools that assist with remediation, integrity, and policy management. The solution offers real-time detection and deep system visibility to reveal hidden vulnerabilities and limit damage from threats.
This suite is capable of monitoring the integrity of files, registries, ports, services, and parameters. Workflows may also be monitored using SIEMs and IT-GRC.
Tripwire’s vast library of 800 supported policies ensures enterprises easily comply with regulatory stipulations.
“We have a huge library of content for configuration benchmarks,” Travis said. “This allows us to show our partners exactly what a secure Windows operating system looks like, for example.”
File Integrity Management & Monitoring to Protect Your Organization
“We have many vulnerability management products,” Travis said. “We can take logs and tie those into what we know to give you a very quick view of your security.”
FIM intuitively assesses and prioritizes detected changes, sorting between high- and low-risk changes. IT teams can then more easily determine non-compliance and vulnerability risk. FIM also features automated configuration remediation for quick compliance audits. Like Tripwire Enterprise, FIM can integrate with SIEM and Tripwire Log Center for more thorough infrastructure management using data tags.
Additionally, Tripwire ExpertOps provides a turnkey system integrity solution with tailored advice and audit support. As with FIM, ExpertOps distinguishes authorized, low-risk changes from high-risk ones. Policies are scored and weighted, and are also highly customizable to fit the needs of clients while maintaining compliance. ExpertOps operates on the Microsoft Azure cloud platform, making it a secure and scalable means of visibility and management.
Measure Network Risks & Respond to Emerging Dangers
In addition to FIM, ExpertOps, and Enterprise tools, Tripwire provides assessment and protection with its IP360, Log Center, and Connect products. IP360 ranks vulnerabilities regarding applications and devices with a scoring system that analyzes ease of exploit and predictive impact.
Assessment results can be shared with existing IT systems using open APIs. Tripwire Log Center allows users to investigate outages and other events. Log Center can integrate with Enterprise and IP360 to identify anomalous events. Tripwire Connect brings data from other Tripwire consoles together rapidly by using reduced bandwidth. Connect provides a centralized and visual approach to data reporting.
Up Next: Cloud Integration & Deeper Data Reporting
Large companies, including FedEx and AAA, employ Tripwire’s tools to build comprehensive security strategies to protect data. Tripwire has been tweaking its software, originally created in 1997, for more than 20 years to stay relevant in the changing environment.
Today, Tripwire continues its practice of providing a multitude of tools to mitigate vulnerabilities before they are exploited, keeping with the dynamic nature of the web security industry. Enhanced data reports, along with cloud integration, make for the quickest and most helpful insight into possible risks.
“We are now doing integration with cloud providers,” Travis said. “There are a lot of benefits in switching to cloud providers, but there are a lot of security implications as well.”
Not only are on-premises devices in need of monitoring, but applications and connections to the cloud must be kept safe as well. The growing popularity of cloud-based computing provides unique security challenges that Tripwire seeks to resolve.
Travis told us Tripwire recently released a reporting platform that brings all the data from its products into a centralized pane. This way, used together with Tripwire Connect, data can be aggregated across departments to provide insightful visuals.
While new hazards, like the June 2017 Ukrainian ransomware outbreak, will undoubtedly continue to endanger modern organizations, Tripwire remains dedicated to stopping these threats in their tracks. As one of the oldest and most knowledgeable platforms in the web security space, Tripwire’s award-winning products are sure to continue to safeguard the online assets of institutions across the globe.