Meeting your compliance needs with Tripwire
Last month at Info security Europe 2016 we had a chance to talk to Dean Ferrando at Tripwire. Dean has over 15 years of experience in systems engineering within the software industry. We sat down with Dean and discussed the Tripwire platform.
The Tripwire platform is agent based and supports functionality with a vast range of operating systems. During our demonstration Dean walked through the Tripwire platform and how it worked as a tool for change management. He commented:
We’ve got a password file that was changed. I don’t really know what the password file looked like before and afterwards. Well we can look at the password file [in Tripwire] and it’ll give you the before and afterwards. We can show you what’s been inserted and how many lines exactly. It’s real time as well, so as the change happens it picks it up and you can deal with it.
Dean continued by walking us through how the platform can be used to solve compliance needs. For this example we looked at PCI compliance. Dean commented:
We map all of these baselines against these requirements, we have about 700+ policies. Two things we’ve done. One is tell exactly what that standard is asking for, [Secondly] we then give you remediation guidance for every single system we support. As they make the changes the change will be detected by the firm, the firm will then tell the report to bump up the compliance score.