Tripwire says that Tripwire® Enterprise coverage for security policy and regulatory compliance increased by over 200 new policies across 26 policy types between Q1 2015 and Q1 2016. During this same time frame Tripwire also retired 100 outdated policies. By dramatically simplifying visibility, automation, assessment and remediation of thousands of configuration variables, and with a library of nearly 700 policy and platform combinations, Tripwire Enterprise provides the broadest, most comprehensive security and compliance coverage in the industry. Tripwire Enterprise delivers proactive configuration hardening, endpoint change detection and remediation, and provides audit-ready compliance reports. The Tripwire Enterprise policy library supports a wide range of operating systems, including Windows, VMware, ESXi, SUSE and Amazon Linux; a wide variety of database vendors, including IBM DB2, Oracle and Microsoft SQL Server; and numerous enterprise applications and network devices. It offers over 28,000 unique, ready-to-use tests to quickly assure system integrity and policy compliance and proactively detect endpoint threats. Tripwire Enterprise also offers easy-to-build custom rules that allow security and IT professionals to address compliance and security issues unique to their businesses.
“Ensuring your IT infrastructure is configured properly is a crucial component of cybersecurity and is required by every major security framework and compliance regulation,” said Dwayne Melancon, chief technology officer for Tripwire. “Maintaining secure configurations is the foundation that enables organizations to detect attacks early, and it makes it possible for them to respond quickly before significant damage is done. The Tripwire Enterprise policy and platform coverage library is the most comprehensive in the industry, and we will continue our commitment to deliver a broad library of internal and external policies and regulations affecting enterprises.”
New Tripwire Enterprise policy coverage includes:
New platforms:
- VMware ESXi 6.0.
- Windows 10.
- IIS 8.
- Red Hat Enterprise Linux 7.
- Solaris 11.
- Oracle 11g R2.
- Oracle 12c.
- SUSE Linux Enterprise Server.
- Microsoft SQL Server 2014.
- Cisco IOS 15.
- Apple OS X 10.8.
- CentOS 6.
- CentOS 7.
New NERC Industrial Control Systems ( ICS ) Devices:
- GarrettCom DX940.
- GarrettCom 10RX.
- NovaTech Orion.
Expanded Tripwire Enterprise policies include:
- North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) version 5.
- Payment Card Industry Data Security Standards (PCI DSS) version 3.1.
- Control Objectives for Information and Related Technology (COBIT) version 5.0.
- Information Technology Security Guidance (ITSG-33).
- Sarbanes-Oxley (SOX) updated for COBIT version 5.0.