This multinational banking institution has been around for over 100 years, dedicated to helping a customer base of over 20 million people in countries all over the world.
In order to serve such a large customer base and keep financial services at competitive rates, they’ve taken advantage of the latest in cloud technology to reduce the operating costs of their IT infrastructure and outward-facing services—from online banking apps to mortgage calculators. In doing so, they’ve migrated many of these customer-facing services to operate in all of the major cloud platforms, including Microsoft Azure, Google Cloud and soon Amazon Web Services. It’s a challenge for organizations adopting cloud infrastructure to properly secure those environments due to the elasticity and short lifespan of servers, as well as the ever-growing presence of containers.
Over the past 18 years, this multinational bank has kept their trust in Tripwire. They’ve relied on our promises to deliver the solutions that protect both their enterprise and the millions of customers that drive their success.
Business Need
- Dependable risk assessment and configuration control across a hybrid enterprise
- Vastly reduced attack surface of cloud-hosted systems through integration with DevOps teams and their orchestration tools
- Validation that systems deployed automatically meet the approved images’ risk levels and configurations before it’s too late
- Change monitoring on elastic systems throughout their entire life pan
- Instant vulnerability assessment on individual servers upon unauthorized configuration changes
Solution
This banking institution implemented Tripwire® Enterprise integrated with Tripwire IP360™ for complete risk assessment of their hybrid enterprise. Virtual images are assessed for configuration compliance and checked for over 130,000 vulnerabilities before they ever hit the deployment pipeline and the continuous integration systems responsible for automatically deploying finished systems.
By taking this critical step, they’re able to remediate vulnerabilities and misconfigurations before reaching product environments. This process greatly reduces the chance of risks and vulnerabilities making it into their cloud environments as well. From there, the rest of the integrity management process follows each system throughout its lifespan.
Results
- Once systems are deployed, both Tripwire Enterprise and Tripwire IP360 assess each final product compared to their approved state
- Tripwire Enterprise continues to monitor every change that occurs on each system
- If an unauthorized change is detected, Tripwire Enterprise and Tripwire IP360 work together to get an instant vulnerability scan of that system by taking advantage of agent-based vulnerability management technology
- All change events, misconfigurations and vulnerabilities are integrated back into the reporting solution that also covers their on-premise systems
Need Help Finding a Cybersecurity Solution?
Contact one of our product experts to find a solution that meets your security needs and reduces your business risk. Whether you have one or several initiatives to respond to, Tripwire ensures compliance, security, and flexible risk management solutions.