Upload
tripwire
View
391
Download
2
Tags:
Embed Size (px)
Citation preview
Expanding threat
landscape; more
cybercrime with
sophisticated
adversaries
Market is consolidating
and leaning on
strategic vendor
relationships to
reduce TCO
of existing solutions
Barriers To Success
Existing technology
isn’t providing
expected ROI,
is too expensive and
complex, and only
delivers data
Expanding threat
landscape; more
cybercrime with
sophisticated
adversaries
Market is consolidating
and leaning on
strategic vendor
relationships to
reduce TCO
of existing solutions
Barriers To Success
Existing technology
isn’t providing
expected ROI,
is too expensive and
complex, and only
delivers data
Don’t know what I don’t know
Too much data to sift through
Cost of being secure, compliant
and efficient is too high and labor
intensiveProve Compliance
Prevent Outages
Protect Sensitive Data
Don’t know what I don’t know
Too much data to sift through
Cost of being secure, compliant
and efficient is too high and labor
intensiveProve Compliance
Prevent Outages
Protect Sensitive Data
No Change Intelligence
No Security
Data Landfill
So What!
Raw Log Data
Detect ChangeGood & Bad
Report ChangeGood & Bad
The lack of compliance in PCI DSS Requirement 11 …. Knowing (not just recording) what is actually occurring
within networks and systems is …. critical.
2010
FTP event to foreign IP10 failed logins
FTP Enabled
Were changes made?
Who made them?
Did they enable events?
Login successful
FTP event to foreign IP10 failed logins
FTP Enabled
Were changes made?
Who made them?
Did they enable events?
“We consistently find that nearly 90% of the time logs are available but discovery
[of breaches] via log analysis remains under 5% ”
2010
VISIBILITY
Across the entire
IT infrastructure
INTELLIGENCE
Enable better,
faster decisions
AUTOMATION
Reduce manual,
repetitive tasks
A Better Approach
Business as usual
Change windows
User ID
Multiple conditions
Auto-retest to policy
Close breach-to-discovery time gap
Immediate time-to-value
Exclusive to Tripwire!
Raw Log Data
Dynamic Policy Testing
Change Process Analysis
Reconcile to Authorization
Raw Log Data
• High Speed Log Archival• Google like Index• Fast Search • Intelligent Reporting
• Events of Interest• Structured Data • Complex Reporting• Data visualization
Normalization
& Correlation
5 failed logins
Logging turned off
Host not generating events
Windows event log cleared
Login successful
Policy test fails
Assess & Achieve
Maintain
Non-stop monitoring & collection
Dynamic analysis to find suspicious activities
Alert on impact to policy
Remediate options to speed remedy
Desir
ed S
tate
Time
Tripwire is a leading global provider of
IT security and compliance automation
solutions that enable organizations to protect,
control and audit their entire IT infrastructure
Change, Breaches, Audits
and Outages Happen. TAKE CONTROL.