System Hardening is the act of reducing the attack surface in information systems and minimizing their vulnerabilities in accordance with: Recognized best practices; vendor hardening guidelines; custom security polices; industry standards or benchmarks. Security Configuration Management is an automated, security-focused set of capabilities that makes system hardening: Repeatable and enterprise-scalable; continuous with real-time or periodic capabilities as needed; flexible and aligned with business needs, workflows and exceptions; self-correcting and self-remediating. Here's where the rubber meets the road...

1. System Hardening Made
Easy…
Security Configuration Management from Tripwire
MICHAEL THELANDER, PRODUCT MARKETING DIRECTOR
1.29.2013

3. System Hardening
•
•
•
•
Security Configuration Management
•
•
•
•

4. NIST says SCM is:
“The management and control
of configurations for an
information system with the
goal of enabling security and
managing risk”

5. The ability to create, edit and manage
IT security hardening policies in a way that
fits real-world business processes and
continually balances risk and productivity

6. On Many Short-term Buying Lists
© 451 Group 2013

7. 1
the #1 priority

8. 2
2nd most effective

9. 3rd most important
3
(& 10)

10. GCHQ’s New Cyber Security Guidance
GCHQ released new
“10 Steps to Cyber
Security” in Fall 2012
Focused on executive
and board
responsibility
Names Secure
Configurations as one
of the most critical
steps to achieving
an objective measure
of cybersecurity

12. “Configuration drift is a natural condition in every data
center environment due to the sheer number of ongoing
hardware and software changes.” – Continuity Software blog
“In less than a week,
all the configuration
controls, permissions
and entitlements that
IT spends time testing
are useless.”
– ITPCG blog

13. Tripwire’s solution monitors and assesses critical configurations in:
• File systems of all kinds: Windows, Linux, Solaris, AIX, HP-UX
• Databases like MS-SQL, Oracle, IBM DB2 and Sybase
• Directory services and network devices
Tripwire’s SCM is built on the world’s best integrity solution, assuring:
• Immediate detection of changes to critical, defense-dependant configurations
• Efficient, change-triggered configuration assessment
• Continuous risk reduction
Tripwire’s system hardening solutions are enterprise-scalable, with:
• Automated deployment and setup
• A complete system of waiver and workflow management
• Automated or assisted remediation options for failed or weak configurations
• The industry’s largest , most customizable policy library

14. Tripwire’s solutions continually assess and
remediate insecure configurations, insuring
always-hardened, always-ready information
systems and network devices
Time

15. Broadest
Largest







Rapid Repair
Real-World Environments






Industry’s Best FIM
Industry-Recognized





17. extracts and abstracts
•
•
understands
•
•
•
meaningful business intelligence

18. www.tripwire.com