Resources

Datasheet

IRS 1075 Compliance Solutions with Tripwire

The IRS 1075 publication lays out a framework of compliance regulations to ensure federal tax information (FTI) is treated with adequate security provisioning to protect its confidentiality. This may sound simple enough, but IRS 1075 puts forth a complex set of managerial, operational and technical security controls you must continuously follow in order to maintain ongoing compliance. Any...
Datasheet

The National Cybersecurity Authority (NCA) Compliance with Tripwire Enterprise

The National Cybersecurity Authority (NCA) is the government entity in charge of cybersecurity in Saudi Arabia, encompassing both regulatory and operational functions related to cybersecurity. National Cybersecurity Authority Essential Cybersecurity Controls The NCA works closely with public and private entities to improve the cybersecurity posture of the country in order to safeguard its...
Datasheet

National Information Assurance (NIA) Certification with Tripwire Enterprise

Keeping sensitive data and assets safe is the goal of regulatory cybersecurity frameworks such as the NIA. The National Information Assurance Policy provides organizations with the necessary foundation and the relevant tools to enable the implementation of a full-fledged Information Security Management System. The NIA policy guides organizations in classifying the impact of information security...
Datasheet

Implementing FISMA SI-7

To enhance your Federal Information Security Management Act (FISMA) compliance grade, you must implement one of the most challenging controls in NIST SP 800-53: the Controls, Family: System Information & Integrity (SI) 7 requirement. SI-7 states that organizations must employ automated and centrally managed integrity verification tools to detect unauthorized change. This level of visibility can be...
Datasheet

The Tripwire HIPAA Solution

The United States Health Insurance Portability and Accountability Act of 1996, or HIPAA, was enacted to safeguard Protected Health Information (PHI) by mandating procedures and controls to assure the public that critical and private information is controlled from loss of confidentiality, integrity or availability. With few exceptions, an organization is subject to HIPAA if it exchanges data...
Datasheet

Tripwire and HITRUST

The HITRUST CSF rationalizes relevant regulations and standards (such as NIST, CIS, and HIPAA) into a single overarching security and privacy framework. Now, with Tripwire® Enterprise, organizations can automate HITRUST CSF assessment and reduce the burden of compliance. Any organization that collects or stores personally identifiable information (PII) faces a relentless stream of cyberattacks....
Datasheet

CMMC Compliance with Tripwire

The U.S. Department of Defense (DoD) is implementing the Cybersecurity Maturity Model Certification (CMMC) program to standardize the level of cybersecurity implemented throughout its 300,000 suppliers. In practice, this means that every member of the Defense Industrial Base (DIB) will be required to pass an audit in order to win DoD contracts. Compliance for a small number of contracts began in...
Datasheet

Tripwire Enterprise and Cisco AMP Threat Grid

Overview There is mounting concern at the senior executive and board level regarding cybersecurity, driven by highly visible advanced targeted attacks. These attacks threaten precious IP, valuable customer information, company valuation and trade secrets. To truly protect valuable resources, organizations have to accept the nature of modern networked environments and devices, and start defending...
Datasheet

Automated TISAX Compliance

TISAX, the Trusted Information Security Assessment Exchange, is a mandatory compliance requirement for companies that touch any point of the German automotive supply chain. Its industry-wide enforcement applies to auto manufacturers and OEMs (original equipment manufacturers), but reaches further to encompass development and procurement departments as well: Even if your company isn’t Germany based...
Datasheet

Tripwire Managed Services

Today’s IT and InfoSec Executives are challenged with an ever changing cybersecurity landscape. When combined with the proliferation of new sources of information every day, it can be increasing difficult to maintain and operate technology solutions that are designed protect the organization from risk. Many IT organizations are struggling to revise processes to establish governance practices, but...
Datasheet

Tripwire Resident Engineers

The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote...
Datasheet

Tripwire Resident Engineers for Federal Agencies

The cybersecurity skills gap leaves Federal agencies without adequate staffing for the operation of their security tools. High turnover rates can also cause agencies to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote work...
Datasheet

Tripwire’s Solutions for Automated, Continuous PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, cyber threats, and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting, and storing credit card data to minimize the theft,...
Datasheet

NERC CIP 013 Compliance

More attention is being paid to risks around the supply chain in the bulk electricity system (BES). When third-party vendors introduce new products, software and personnel into a power supplier’s environment, the potential for new cyber risks increases. For this reason, the North American Electric Reliability Corporation (NERC) recently added a new set of requirements to its Critical...
Datasheet

Achieving Resilience While Fulfilling NERC CIP Requirements

Some of our nation’s most critical physical infrastructure is represented by the national Bulk Electric Systems (BES). Today’s digital world relies upon this interconnected network of power generation and transmission systems more than ever. To ensure the reliability and resilience of that network, providers must continually manage threats to the infrastructure, including many that relate to...
Datasheet

NERC CIP Best Practices: The Tripwire Approach

Industrial operators subject to the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standard know that achieving compliance is no minor feat, and serious strategic consideration is required to ensure efficient resource use in the compliance process. By meeting NERC CIP compliance, these companies take important steps towards securing their IT/OT...
Datasheet

Tripwire and Eaton

Transmission and Distribution asset owners have to juggle disconnected or disparate tools to satisfy NERC CIP and internal cybersecurity requirements. Specifically for substation automation applications, monitoring the various intelligent electronic devices (IEDs) like relays, RTUs, and connected I/O can prove difficult and time consuming. Tripwire and Eaton offer a unique combination of...
Datasheet

NERC CIP Compliance with Tripwire and NovaTech

Tripwire solutions protect sensitive data and assets from breaches, vulnerabilities, and threats while delivering risk visibility, business context and security business intelligence. The integration between Tripwire and Novatech’s NERC CIP Password, Configuration and Remote Access Management solution brings a consistent approach to the management, auditing and maintenance of secure configurations...
Datasheet

NERC CIP Compliance with Tripwire and RedSeal

The NERC Critical Infrastructure Protection standards are designed to enhance reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit ready with the resources required to achieve and maintain compliance. NERC CIP version 6 increases the amount of work...
Datasheet

NERC CIP Compliance with Tripwire and SigmaFlow

The NERC Critical Infrastructure Protection standards are designed to enhance the reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit-ready with the resources required to achieve and maintain compliance. NERC CIP compliance, especially when...