1/26/2010
02:43 PM
Dark Reading
Products and Releases

Tripwire Intros Next-Gen SIEM Solution With Log Center

Tripwire Log Center dynamically analyzes event and change information

Portland, OR - January 26, 2010 - Tripwire, the leading global provider of IT security and compliance automation solutions, today announced a new log and event management software solution: Tripwire Log Center. Integrated with Tripwire's suite of industry-leading software, Tripwire Log Center is the first offering that dynamically analyzes event and change information. The result: intelligent threat control that makes it possible to achieve continuous compliance and non-stop security, without the cost and complexity associated with existing security tools.

When organizations fail to see the relationships between events and changes, they leave themselves open to vulnerabilities and threats that could have been stopped. Tripwire Log Center provides the intelligence to recognize suspicious patterns across all events and changes. By combining event and change information, organizations get unparalleled visibility across their infrastructure. Sophisticated threat patterns are recognized instantly, so organizations can respond quickly and keep their data safe.

Traditional log management tools simply collect and store logs to meet audit requirements, but they don't provide the intelligence needed for real-time security. Existing SIEM systems offer intelligence, but without the performance and speed organizations need to log billions of events a day. And none of the traditional log management or SIEM systems provides visibility into events and changes the way Tripwire does. This means that organizations end up compromising. Tripwire offers an alternative. Tripwire Log Center combines event and change data without compromising on intelligence, performance and scalability. This means that companies have the security solution they need to respond to threats quickly and maintain continuous compliance without the complexity of traditional log and SIEM tools.

"At Terremark, we needed a single, intelligent solution that could manage massive amounts of logs from multiple customers, servers and security devices and from locations all around the world. We need to analyze this activity in real time and report and act upon events of interest. With Tripwire Log Center, we have a central console from which we can quickly take action on the suspicious activity: We find the important needle for our clients among the many massive haystacks of possible suspicious needles," says Pete Nicoletti, Vice President of Security Engineering at Terremark. "This intelligent capability not only helps us remain proactive in our defense against cyber attacks, but also frees up our security analysts to do what they do best, analyze and respond appropriately to real security events and protect the confidentiality, integrity and availability of our clients' critical IT infrastructure."

Tripwire Log Center is the market's only all-in-one solution that provides intelligent log management, without the complexity of traditional SIEM systems. It offers the speed and scale of a flat file system, capturing hundreds of thousands of events a second in real-time, while also providing database-like querying and search capabilities for quick automated reporting, without system downtime. Log and event data is available stand alone or within Tripwire Enterprise, in a single dashboard.

Used as part of the integrated Tripwire suite of products, Tripwire Log Center gives customers unparalleled visibility by combining log and event management with Tripwire's file integrity and change intelligence capabilities.

"The security market has reached a critical inflection point. Record high cost and complexity paired with increasingly sophisticated threats have led the market to a point where many are shifting from threat-focused controls, to target-focused visibility," said Joshua Corman, The 451 Group's Research Director for the Enterprise Security Practice. "The 451 Group is encouraging an evolution and expansion from prevention to increased detection and response. If the recent Aurora events have taught us anything, our legacy anti-threat will be undermined by the reality of APTs (Advanced Persistent Threats). We should have tools to notice the changes, listen for the whispers and echoes, and maintain the vigilance to respond. This shift can only benefit vendors like Tripwire going forward."

The market leader in file integrity monitoring and configuration control, Tripwire recognizes the critical role that understanding changes in the IT environment plays in ensuring data integrity and security. The ability to identify the events that lead to or result from change, determine how it happened and whether it constitutes a threat, and then remediate accordingly is the key to enabling continuous compliance, operational control and protecting critical data. Tripwire's VIA Suite automates security and IT compliance, offering control over file and configuration changes, critical log and event data, and virtual configurations. Tripwire's VIA Suite extends visibility, intelligence and automation across the entire IT infrastructure, allowing IT management to take control of security and prove IT compliance.

By integrating file integrity monitoring and compliance policy management with log and event management, Tripwire enables its customers to gain control of their entire IT infrastructure. More than 100 customers are already taking advantage of Tripwire Log Center's unique blend of technologies that provide visibility, intelligence and automation without the complexity associated with traditional systems.

"Our customers need solutions that truly automate security and compliance projects to save them time and money," said Dan Schoenbaum, Chief Operating Officer of Products for Tripwire. "Adding Tripwire Log Center to our product portfolio alongside the award-winning Tripwire Enterprise product family helps customers take control of their IT infrastructure while adhering to compliance regulations defined by government and industry."

Product Features

Tripwire Log Center provides constant security and compliance with features including:

A single product that offers Log Management and SEM (Security event management)

Dynamic Activity Analysis - monitoring of all events and changes in real-time to ensure that all threatening activities are acted upon

Real-Time Threat Monitoring - rich dashboards and custom notifications provide the real-time visibility and automatic alerting needed to monitor all security threats instantly

Automated Event Response - automates response to suspicious activities before they impact critical systems

Comprehensive Log Management - provides comprehensive log management with lightning-fast reporting to prove compliance quickly

Integrated Configuration Control - captures every activity for instant alerts of suspicious events and stores all the raw activity histories to meet audit requirements

Pricing and Availability

Tripwire Log Center is available immediately and is priced upon total EPS (events per second), delivered as a software solution, and provides unprecedented flexibility, performance and scalability. Tripwire Log Center's all-in-one solution for log & security event management is available today and organizations can get started for less than $20,000. For more information, please visit http://www.tripwire.com/logcenter

About Tripwire

Tripwire is the leading global provider of IT security and compliance automation solutions that help businesses and government agencies take control of their entire IT infrastructure. Over 7,000 customers in more than 86 countries rely on Tripwire's integrated solutions. Tripwire VIA, the comprehensive suite of industry-leading file integrity, policy compliance and log and event management solutions, is the way organizations proactively prove continuous compliance, mitigate risk, and achieve operational control through Visibility, Intelligence and Automation. Learn more at www.tripwire.com.
