Tripwire Enterprise ensures system availability and speeds up investigations through integrity monitoring that uses both agent and agentless methods to discover changes in real time before they become breaches and find the root cause of a compromise if a breach occurs. While the solution can be deployed physically, virtually on-premises or in the cloud, ultimately it is a software-based, dashboard-driven offering with a web-based interface.
Tripwire Enterprise zeroes in on security, compliance and IT. Implementation begins with detecting changes to configurations, resulting in a baseline of activities and practices used to gain both insight into information surrounding changes and individualized business context.
Once current practices are discovered, analysts will find help establishing policies by tapping an extensive library of 35,000 out-of-the-box security configuration best practices for all major standards based on 800 combinations of policy and platform frameworks. Out-of-the-box audit report templates and automated compliance reporting can reduce the overall time spent on compliance.
Continuous monitoring and reporting help maintain compliance over time, so tracking changes is crucial. The Detection Engine monitors changes on everything from file systems, directory services, hypervisors, applications and more. Organizations can configure extensive, real-time alerting options and create step-by-step remediation instructions for analysts on how to undo any changes and revert back to previous practices. IT service management integration detects and differentiates authorized changes from unauthorized ones by leveraging automatic change categorization to reduce unplanned work. Sandbox functionality can be leveraged to safely determine what any altered files do and create reports that provide screenshots of executables launched within the sandbox.
Admittedly, the dashboard felt dated to us and that impacted its ease of use. We missed the updated versions with newer interfaces that other solutions offer. The Hybrid Cloud Dashboard supports AWS, Azure, Google Cloud and a few SaaS applications.
Overall, Tripwire Enterprise helps an organization understand what’s happening in its environment to proactively guard against breaches through discovery, inventory and recorded change/log data of all critical assets.
Starting prices range from $599 to $6,995 for licensing
and $19-$895 for each monitored asset. Basic, no-cost support is not included.
However, support options are available for an additional charge and include:
phone, email and website support, a knowledgebase and an enhancement request
portal and more for 8/5 with 24/7
emergency response coverage.
Tested by Tom Weil