Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, announced the new Dynamic Software Reconciliation App for Tripwire® Enterprise. The new app provides users with a reliable and authoritative method to identify all legitimate changes seen during and after security patch installation.
The Tripwire Dynamic Software Reconciliation App dramatically reduces the time required for administrators to review the hundreds of system changes that occur during a Windows patching process. The Dynamic Software Reconciliation App automatically compiles lists of installed patches, queries Microsoft’s TechNet and Linux YUM repositories and fetches the file-level manifests for each patch. These manifests are then used to promote changes, offering a reliable and authoritative source to identify all valid changes. As a result, only changes made to the system that were not part of the approved patch are flagged.
“Reducing the signal-to-noise ratio in busy environments is a key requirement for identifying malicious behavior,” said Tim Erlin, director of IT risk and security strategy for Tripwire. “The less time that analysts spend reviewing events generated by approved changes, the more they can focus on identifying indicators of compromise that may indicate a successful cyberattack.”
On the second Tuesday of each month, Microsoft releases the newest security fixes for its Windows operating systems and related software applications. Patch Tuesday is a critical day for security professionals due to the massive amount of work and time involved in rolling out dozens of patches to enterprise systems. Code fixes deemed critical may be sent at any time of the month. According to a recent Tripwire study, only 10 percent of security professionals are confident in their patch management program. Some patches cause regression errors or problems with other applications and it can be difficult for administrators to precisely identify the origin of changes during the patching process.
The Dynamic Software Reconciliation App is part of a family of productivity tools designed to expand and improve Tripwire Enterprise scalability, workflow and efficiency. The apps also support automated integration with a wide range of IT toolsets.
About Tripwire
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.