Tripwire Vulnerability Management
Find vulnerabilities, creating reams of data for IT teams to wade through

Overview:

Enterprise Vulnerability Management

Vulnerability management is the current evolution from early vulnerability assessment systems that labored to find vulnerabilities, creating reams of data for IT teams to wade through. Today's threat environment is unimaginably different—with thousands of new vulnerabilities reported annually—the sheer volume of launched attacks demands best-in-class vulnerability management solutions to deliver comprehensive discovery that supports the entire vulnerability management lifecycle.

Up-to-date vulnerability management is critical, especially as the time between vulnerability discovery and the release of an exploit is, in some cases, narrowing to zero. Evolving technology constantly increases attack vectors into enterprises and unmanageable numbers of vulnerabilities and required patches means continuous monitoring and remediation is key to enterprise security.

Tripwire's proactive vulnerability management solutions discover comprehensive endpoint and network intelligence and applies advanced analytics to prioritize vulnerabilities in a meaningful framework- flagging the greatest risks so security teams can make quick, quality decisions within a rapidly changing threat landscape.

The Top Choice for Enterprise Networks

The Tripwire IP360 vulnerability management solution provides unique benefits:

• Industry-leading application and vulnerability discovery of all network assets
• Scalability to the largest networks in the world
• Integration with existing IT systems for maximum coverage and minimal operational disruption
• Deployment at customer location, as a cloud-based service, or in combination, for maximum flexibility and value

Exclusive Vulnerability Coverage Guarantee

Tripwire provides the most timely vulnerability intelligence through the company's Vulnerability and Exposure Research Team (VERT), dedicating world-class security and vulnerability researchers, a state-of-the-art lab and unwavering attention to the changing threat environment. Tripwire's VERT identifies emerging vulnerabilities, creating unique detection signatures that are constantly updated in Tripwire vulnerability and risk management solutions- delivering unprecedented vulnerability discovery coverage.

VERT protects Tripwire customers with an exclusive 24-hour Microsoft Security Advisory Service Level Agreement. The Tripwire guarantee: Within 24 hours of a Microsoft advisory, Tripwire IP360 is updated with the signatures to find those vulnerabilities. This guarantee is unique in the industry-only offered by Tripwire to its customers.

VULNERABILITY MANAGEMENT / ASSESSMENT FAQS

What is a vulnerability?
A vulnerability is a software defect or system misconfiguration that allows an attacker to gain increased access or interfere with system operations. Examples include software buffer overflows, or old, unpatched versions of software.

WHAT IS VULNERABILITY ASSESSMENT (VA)?
Vulnerability Assessment is the process of scanning networked devices and discovering vulnerabilities before hackers can exploit them. Tripwire IP360 performs vulnerability assessment as part of the Vulnerability Management lifecycle.

WHAT IS VULNERABILITY MANAGEMENT (VM)?
Vulnerability Management is a closed-loop workflow that generally includes identifying networked devices, auditing (scanning) the devices for vulnerabilities, and remediating the vulnerabilities. Tripwire IP360 is the world’s leading vulnerability management system in use at over 6,500 enterprises worldwide.

HOW IS THIS DIFFERENT FROM PENETRATION TESTING (PEN TESTING)?
Pen testing is a manual security assessment of a network that utilizes vulnerability assessment tools and others to determine network weaknesses. Tripwire partners utilize Tripwire IP360 when conducting penetration tests with their clients.

HOW IMPORTANT IS CURRENT VULNERABILITY COVERAGE?
Up-to-date vulnerability coverage is critical, especially as the window between vulnerability discovery and the release of an exploit is narrows to zero in some cases. Tripwire’s Vulnerability and Exposure Research Team (VERT) produces coverage on the latest vulnerabilities and Tripwire IP360 automatically updates itself as the coverage is released.

WHAT ARE CRITICAL FEATURES OR CAPABILITIES?
Critical features in a VA or VM solution include:

• Scalability – can the solution grow beyond a single department to scan my entire network in a timely fashion?
• Integration – does the solution integrated with other enterprise systems such as ticket systems and IDS/IPS?
• Accuracy and comprehensiveness – does the solution accurately identify networked systems and the vulnerabilities on these systems?
• Modular – can you start small and grow the system to fit your network?

HOW SHOULD I DECIDE BETWEEN USING A MANAGED SERVICE OR ON-PREMISE SOLUTION?
If you desire control over your vulnerability data and integration of the vulnerability data with other systems on your network, an on-premise solution is best for you. If you prefer to outsource your security, a managed service may be an appropriate solution. Tripwire IP360 is the world’s leading on-premise vulnerability management system, and Tripwire partners utilize IP360 to deliver vulnerability management as a service.

HOW DO I GET STARTED WITH VULNERABILITY ASSESSMENTS?
Tripwire makes it easy to get started with auditing your network for vulnerabilities. TripwireIP360’s appliance-based architecture enables you to start small and grow as your network grows.

ARE THERE IMPORTANT METRICS I SHOULD BE TRACKING IN VULNERABILITY MANAGEMENT?
Yes. In order to continually improve your security risk posture, you must measure it using common metrics and compare it to past measurements. Useful VM metrics include:

• Vulnerability score by operating system, application, or organization division – this metric provides a high level measurement of how the organization is doing, cut across several dimensions.
• Most vulnerable applications, with a breakdown into vulnerability score by application version – this metric helps highlight old, vulnerable versions of software that should be upgraded or eliminated.
• Assets scanned within the last “X” days – this metric shows how much of the network is being scanned in a timely fashion.
• Unowned devices and unapproved applications – this metric is very useful to track “unowned” devices that may be rogue devices or simply contractor/consultant systems, as well as the trend of applications that are not specifically allowed on the network.