Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, announced the new Whitelist Profiler app for Tripwire® Enterprise. The new app provides audit-ready documentation for all major compliance requirements by providing continuous analysis of essential hardware and software configuration settings, including exceptions and waivers.
The Tripwire Whitelist Profiler app enables enterprises to create automated, comprehensive, customizable reports of required or permitted system settings for over 600 policy and platform compliance requirements. Each item in the whitelist is compared against the current system settings, and a report based on the results is generated. If the configuration matches designated settings, the report will provide details on the authorized changes; however, if discrepancies between the configurations are found the report will include both an exception and an alert.
If the exception is warranted, detailed, audit-ready documentation can be added inside the app, including:
- Exception date and authorization.
- Exception justification.
- Reference documentation by process citation or URL.
“Reporting on compliance discrepancies, gaps or unauthorized changes is only half of what auditors need to know,” said Tim Erlin, director of IT risk and strategy for Tripwire. “Organizations need to provide up-to-date detailed documentation on approved waivers. Without these capabilities, security and IT teams have to cope with time consuming, manual processes in order to create the documentation auditors require.”
The new app provides comprehensive visibility into four key configuration settings, which are crucial to compliance and security posture:
- Enabled network ports.
- Running OS services.
- Installed software.
- Active user accounts, including password aging.
Every compliance framework, including the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS) and the North American Electric Reliability Corporation Critical Infrastructure Protection standards (NERC CIP), requires its own set of secure configuration settings. In order to meet compliance requirements, organizations must continuously monitor and report on authorized configuration settings, carefully documenting any exceptions and waivers. Often beyond the scope of traditional configuration management and whitelisting tools, these requirements involve significant manual effort for IT and security teams.
The Tripwire Whitelist Profiler app is part of a family of productivity tools designed to expand Tripwire Enterprise scalability and workflow efficiency. The apps also broaden automated integration with a wide range of IT toolsets.
About Tripwire
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.