PRESS RELEASE

PORTLAND, Ore. — October 29, 2014 — Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced new integration between Tripwire® Enterprise and Tripwire IP360 TM that delivers Adaptive Threat Protection. The integration and automation make it possible for users to respond faster and with precision to cybersecurity threats and vulnerabilities through continual, automated analysis of the enterprise attack surface. The combined solution can automatically adjust security controls in response to changing cyberthreat conditions, significantly reducing overall enterprise cybersecurity risk.

Tripwire’s adaptive threat protection enables Tripwire Enterprise to leverage the vulnerability intelligence provided by Tripwire IP360 to correlate, prioritize and filter system configuration changes with vulnerability risks. This dynamic intelligence can be used to automatically adjust monitoring and policy application within user-specified parameters. The resulting combined view of change and vulnerability risk makes it easy to quickly identify unauthorized changes on high risk assets and prioritize remediation responses based on vulnerability risk and change activity.

PricewaterhouseCoopers’ most recent Global State of Information Security Survey report states that the number of detected security incidents soared to a total of 42.8 million in 2014 – a 48 percent leap from 2013. According to the report, cyberthreats have grown at a compound annual growth rate (CAGR) of 66 percent year over year since 2009. Because these numbers represent only incidents detected and reported, changes in the threat landscape are actually escalating faster than these numbers indicate.

In this rapidly changing threat environment, automated detection of the subtle changes that indicate a cyberattack is in progress requires rich security telemetry that is capable of accurately detecting a wide variety of illusive changes across a diverse set of network devices. Extending this level of security monitoring precision to an ever-increasing number of devices and endpoints has resulted in a deluge of change data, making it difficult for enterprises to quickly find and respond to malicious changes that may indicate a cyberattack is underway.

“Enterprises need reliable, real-time data to quickly discover and react to advanced cyberattacks,” said Charles Kolodgy, vice president of security products at IDC. “The ideal solution automates the monitoring and tuning of proactive and reactive security controls.  This automation reduces the time required to detect, prioritize, and remediate cybersecurity threats.”
Key features of Tripwire Adaptive Threat Protection include:

· An integrated view of enterprise security posture based on detailed and precise consolidated vulnerability and change intelligence that dramatically accelerates threat detection and prioritization.

· Continuous attack surface analysis that makes it possible for users to rapidly identify the most critical security issues using business impact and visual vulnerability risk matrix scoring in Tripwire IP360.

· Significant reduction of enterprise security risks through rapid identification and response to specific vulnerabilities and malware like ShellShock and Heartbleed from a continually updated library of over 64,000 vulnerability checks.

· Continuous security control automation that allows users to highlight suspicious changes on devices running applications associated with specific threats and data exfiltration as well as applications prohibited by policy such as  cloud-sharing services like Dropbox and Google Drive.

· Improved operational efficiency by intensely monitoring devices at risk from easily exploited vulnerabilities using dynamic threat information filters, such as the availability of exploit kits and automated exploit tools.

“The integration of threat and vulnerability information into security configuration management makes it possible to pinpoint the biggest security issues as they are happening and focus security response on your most valuable assets,” said Dwayne Melancon, chief technology officer for Tripwire. “This integration also makes it possible for security teams to provide rapid, definitive answers to the most critical questions businesses are asking about security: Are we vulnerable? How long will it take to find out? How long will it take to mitigate these risks?”

For more information, please visit: http://www.tripwire.com/register/tripwire-vulnerability-intelligence-enabling-adaptive-threat-protection/.

About Tripwire
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.  Learn more at www.tripwire.com, get security news, trends and insights at http://www.tripwire.com/state-of-security/ or follow us on Twitter @TripwireInc.