PRESS RELEASE

PORTLAND, Oregon July 12, 2011 - Tripwire, the global leader of IT security and compliance automation solutions, today announced the worlds first library of pre-selected Cybercrime controls to help organizations proactively protect their sensitive data. The Tripwire Cybercrime Controls Library empowers IT security directors with baseline security rules and controls that are designed for simple, rapid implementation to effectively prevent and detect potential security threats.

Tripwire Cybercrime Controls Library addresses a number of key security organization needs, such as limited staff resources, lack of time, and the difficulty in gaining expertise in all the solutions required to provide end-to-end enterprise security. The Cybercrime Controls Library, the industrys leading configuration control solution, combines hand-selected configuration assessment tests with a set of tailor-made change detection rules, making it easy for overworked security administrators to achieve base level of integrity and security across their Windows servers with a minimum time investment. The Cybercrime Controls Library is a powerful example of the Tripwire VIA strategy of unifying and automating security controls, ensuring continuous data protection and providing the best possible defense against todays fast-changing threats. The Cybercrime Controls Library adds immediate intelligence to Tripwire' Enterprise, putting Tripwires deep security expertise to work for the quick detection of suspicious, malicious or unusual behavior.

We selected these specific Cybercrime Controls so security professionals could cover as many bases as possible with as little effort as possible, and begin with a short list of foundation security controls, said Dwayne Melanon, VP of Products for Tripwire. With this package in hand our customers can leverage our expertise and ensure they can get critical system hardening without becoming rule-creation experts themselves.

According to the 2011 Verizon Breach Investigations Report, most data breaches are the result of criminals infiltrating IT systems and altering the state of those systems by extracting or changing information. The challenge facing many resource-strapped security departments, however, is that the development and implementation of effective security and configuration content such as rules and standards tends to be time-consuming, tedious and costly. In order to mitigate the risk of cyber attacks, Tripwire Cybercrime Controls Library offers busy administrators an out-of-the-box, easy to deploy solution that provides critical controls and intelligence to detect unauthorized changes or other suspicious activity before an organizations IT systems and sensitive data can be compromised.

With the rise in volume and sophistication of cyber attacks, the battleground has shifted from preventing bad guys from breaching the perimeter to quickly detecting any abnormalities or attacks to critical systems before they become a problem, said Melanon. With Tripwire Cybercrime Controls Library, were giving security and IT pros a huge advantage in being able to quickly get the right controls in place, to mitigate risk and immediately begin deriving intelligence about whats happening across their systems.

The pre-selected set of data breach detection rules in Tripwire Cybercrime Controls Library provide timely and simple monitoring for basic attack vectors, focusing on local firewall configuration, scheduled tasks, listening ports, system services and startup tasks. The companion configuration hardening standards in the library come from Center for Internet Security standards and assets security protocol versions, malicious code detection and prevention, attack surface reduction, disable system components and services, maintenance and patches and audit trail protection.

The Tripwire Cybercrime Controls Library is now available with the purchase of Tripwire Enterprise, or to current users on an active support plan, at no additional cost. Regular updates will be issued as part of Tripwires ongoing commitment to expanding the library to address customers evolving security needs. For more information, please visit http://www.tripwire.com/register/cybercrime-controls-for-tripwire-enterprise.

About Tripwire, Inc.

Tripwire is a leading global provider of IT security and compliance automation solutions that help businesses, government agencies, and service providers take control of their physical, virtual, and cloud infrastructure. Thousands of customers rely on Tripwire's integrated solutions to help protect sensitive data, prove compliance and prevent outages. Tripwire VIA, the integrated compliance and security solution delivers best-of-breed file integrity, policy compliance and log and event management solutions, paving the way for organizations to proactively achieve continuous compliance, mitigate risk, and ensure operational control through Visibility, Intelligence and Automation. Learn more at www.tripwire.com and @TripwireInc on Twitter.