The sophistication and unrelenting frequency of internal and external security threats requires organizations to quickly make sense of large volumes of event and change information, yet this data often lacks the context needed to prioritize and distinguish suspicious activities. At the same time, organizations are forced to comply with a number of demanding regulatory mandates, such as PCI DSS, placing additional strain on the IT organization. In fact, in "The True Cost of Compliance," a benchmark study recently commissioned by the Ponemon Institute and Tripwire, respondents ranked PCI DSS among the most important (86 percent) -- and the most difficult (47 percent) -- to comply with among external compliance requirements.
The Tripwire VIA solutions allow organizations to tackle these issues head on, integrating out of the box to automatically correlate change and configuration data from one solution with log and event data from another. The platform provides IT security teams with visibility across silos of data to supply actionable intelligence that helps prioritize threats, and allows them to hone in on the most critical ones.
This intelligence can be used to reduce overall security costs by automating manual and repetitive compliance tasks, mitigating risk associated with internal and external threats, and enabling organizations to make faster, more informed decisions. The new release of Tripwire VIA introduces tighter integration across VIA's industry-leading functionality, enabling customers to more easily relate changes to events in context, locate nodes by IP address and elements by object identifier, and gain visibility into elements and events to perform in-depth investigations of activities.
Also available in the VIA solution is Tripwire's newest file integrity monitoring (FIM) solution to ease compliance headaches associated with the PCI DSS 2.0 standard -- which mandates proof that FIM solutions have been configured to find and alert on unauthorized changes to critical systems, configurations or content files. Building upon Tripwire's deep heritage in continuous file integrity monitoring, Tripwire File Integrity Manager offers industry-leading detection, analysis, alerting and remediation on unauthorized changes, supporting the standard's new v2.0-11.5.b testing procedure requirement.
Tripwire File Integrity Manager helps users achieve and maintain compliance with regulations such a Sarbanes-Oxley 404 (SOX), HIPAA, the ISO 27000 standards, and the EU Data Protection Directive, in addition to PCI, and is optimized for PCI DSS 2.0 and the changes to new v2.0-11.5.b.
Additional features now available in the Tripwire VIA platform include:
* cybercrime controls to actively mitigate cyber threats * Oracle Audit Log Collector, enabling the collection of log events from Oracle audit tables * improved interoperability in report CSV data export
"Tripwire has unparalleled expertise in file integrity monitoring, developed over more than a decade since we created the category, and FIM has long been an integral component of our approach to compliance and IT security," said Rekha Shenoy, Vice President of Marketing, Tripwire. "By introducing Tripwire FIM specifically optimized for PCI 2.0 requirements and offering the solution at a competitive price point, Tripwire is enabling merchant organizations of any size to easily incorporate best-of-breed monitoring and change management capabilities into their overall security strategies."
Tripwire VIA offers a comprehensive platform of industry-leading file integrity, policy compliance and log and event management solutions designed to help organizations proactively achieve continuous compliance, mitigate risk and ensure operational control. VIA's advanced continuous FIM capability combines multiple controls for total compliance assurance against the latest industry standards. Organizations are immediately alerted to any changes that indicate risk or non-compliance within events of interest, and can remain proactive in their defense against cyber attacks with:
* Cyber Controls: Prevent attacks by implementing secure configurations * Cyber Monitoring: Alert to attacks in-progress with prioritized, actionable data * Cyber Forensics: Respond from attacks with comprehensive audit data
Pricing and Availability Tripwire FIM is available now, starting at US$99.00 for a limited time. For more information, please visit http://www.tripwire.com. For more information on Tripwire VIA, please visit Tripwire at booth #1332 at the RSA Conference 2011 or online at http://www.tripwire.com/it-compliance-products/via/
About Tripwire Inc. Tripwire is a leading global provider of IT security and compliance automation solutions that help businesses and government agencies take control of their IT infrastructure. Thousands of customers rely on Tripwire's integrated solutions to help protect sensitive data, prove compliance and prevent outages. Tripwire VIA™, the comprehensive suite of industry-leading file integrity, policy compliance and log and event management solutions, is the way organizations proactively achieve continuous compliance, mitigate risk, and ensure operational control through Visibility, Intelligence and Automation. Learn more at www.tripwire.com and @TripwireInc on Twitter.