Defending against attacks in today’s threat landscape is becoming increasingly difficult given the high rate of change on enterprise networks, the constantly evolving threat environment and the increased focus on internal and regulatory compliance. Organizations require a comprehensive view of security risk across the global enterprise network. While large quantities of data for security intelligence are collected every day, gaining valuable insights is hindered by its volume, velocity and variety.
Integrating Tripwire® IP360™ with Splunk Enterprise enables you to visualize security vulnerability risk data so you can easily measure and manage your security risk posture. Tripwire IP360 provides vulnerability and risk assessment, scoring and profiling intelligence to Splunk’s analytics engine where, in easy to implement dashboards, you can easily discover every system on your network and reduce the time spent investigating security incidents.
Complete Solution for Security Intelligence
Tripwire IP360 is a leading vulnerability and security risk management solution that delivers comprehensive discovery and profiling of network assets. IT security professionals leverage the advanced prioritization metrics that combine asset value and vulnerability scores to place security risk in the context of the business. Tripwire’s industry leading Vulnerability and Exposure Research Team (VERT) keeps Tripwire IP360 up to date with accurate, non-intrusive discovery signatures that are current and relevant to large enterprises.
Spunk Enterprise is a security intelligence platform that collects, indexes, and harnesses machine generated big data coming from websites, applications, servers, networks and security solutions such as Tripwire IP360. Splunk is often used as a big data platform for incident investigations and forensics, security reporting and visualization, and security information and event management (SIEM) threat correlation. Tripwire IP360 App for Splunk Enterprise The Tripwire IP360 App for Splunk Enterprise is a free app available at www.tripwire.com/register/ip360- splunk-app/. It pulls in data from Tripwire IP360 and offers out of the box, dashboards, reports and fast access to critical system and application data. Tripwire IP360 provides CIM-compliant security vulnerability risk data, which Splunk visualizes in out of the box dashboards examples. This enables real-time risk assessment and incident investigation, and easily correlates with other data sources.
Adaptive Threat Protection
Tripwire also offers integrations between Tripwire Enterprise and Splunk Enterprise. Tripwire Enterprise provides enterprise wide security configuration and policy management with endpoint detection, response and prevention controls. Combining Tripwire Enterprise with Tripwire IP360 enables Adaptive Threat Protection™ by continuously monitoring the threat landscape in an automated way and reducing the manual effort of prioritizing risk. By combining Adaptive Threat Protection with Spunk Enterprise you get unprecedented IT and security visibility for faster threat detection and prevention.
Key Benefits
- Continuous risk assessment and incident investigation
- Visualize security risk and vulnerability intelligence from Tripwire IP360
- Measure to see if critical vulnerabilities are increasing or decreasing over time
- Profile all assets across your network
- Correlate vulnerability information with other security/data sources