New capabilities examine systems for activities involved in a data breach
PORTLAND, Ore. (BUSINESS WIRE)Tripwire,
, a leading global provider of security and compliance solutionsfor enterprises and industrial organizations, today announced that
Tripwire Enterprise now features the ability to collect digital
forensic data in the event of a data breach.
“Tripwire Enterprise monitors systems in real-time for changes that
could be indicative of a breach,” said Tim Erlin, vice president of
product management and strategy at Tripwire. “When a security breach is
suspected, Tripwire Enterprise’s new Incident Response Rules can be used
to collect in-depth data on what happened on a system to speed and
support incident response.”
Tripwire Enterprise delivers forensic data from windows-based systems
file, network, process, USB, and USB artifacts. In each area, Tripwire
Enterprise:
File Access: Identifies files which have been opened, searched for, orexecuted, including trusted Microsoft Office locations which may be
abused by an attacker. Network Artifacts: Identifies active network connections. These help
in identifying whether malware is communicating with command and
control servers, and check for active lateral movement from the
endpoint. Process Execution: Provides evidence of processes which have been
executed on an endpoint. Tripwire Enterprise can show both actively
running and executables which have evidence of having been run in the
past. USB Usage: Provides a list of actively installed USB drives, drives
which have been installed in the past, and any mount points which may
be set up on the endpoint. User Activity: Identifies actions the user has taken on the endpoint
and what a user was searching for to help determine a malicious
actor’s goal.
Digital forensic capabilities are now available. For more information or
for updates on new releases, please contact Tripwire at: https://www.tripwire.com/contact .
About Tripwire
Tripwire is a leading provider of integrity assurance solutions that
improve security, compliance and IT operations in enterprises,
industrial organizations, service providers and government agencies.
Tripwire solutions are based on high-fidelity asset visibility and deep
endpoint intelligence combined with business context; together, these
solutions integrate and automate security and IT operations. Tripwire’s
enterprise-class portfolio includes file integrity monitoring,
configuration management, asset discovery, vulnerability management and
log collection that supports all widely used industry-standard
frameworks.
Learn more at www.tripwire.com ,
get security news, trends and insights at www.tripwire.com/blog ,
or follow us on Twitter @TripwireInc .
Contacts
Tripwire, Inc.
Ray Lapena, +1 714-624-8862
PR Manager
rlapena@tripwire.com
Do you think you can beat this Sweet post? If so, you may have what it takes to become a Sweetcode contributor...Learn More.