Industry leader delivers automated tools designed to detect and block endpoint cyber attacks in real-time
Tripwire, Inc., a leading global provider of endpoint protection, security and compliance solutions, today announced a range of new proactive endpoint detection and response (EDR) features in its flagship product, Tripwire® Enterprise. The new EDR functionality can discover and assess the security of endpoint assets on an organization’s network, enabling real-time detection, analysis and response to cyber attacks.
Tripwire Enterprise now gives users the power to automate the remediation of unauthorized file or process changes, which can be the first indications of a compromise. The new functionality also makes it possible for users to detect a breach, contain the attack and anticipate where attackers are going to strike next.
Integrated with a wide range of open source and commercial threat intelligence services, these latest features make it possible for customers to respond automatically or manually to emerging threats and malware. If a known piece of malware is placed on assets monitored by Tripwire Enterprise, the new technology will automatically find it, kill the process and clean the system to remove the infection.
Tripwire Enterprise allows users to remediate a wide variety of scenarios from a central console, and since time is of the essence when responding to a cyber attack, there is no requirement to log in to the endpoint to stop a cyber attack in process.
“In cyber security incidents, there is often a gap between knowing there is a problem and knowing what to do about it,” said Dwayne Melancon, CTO and vice president of research and development. “This automated response capability bridges that gap so incident response personnel can confidently and precisely respond to malicious attacks.”
Critical endpoints are systems that, if compromised, could have significant fiscal or operational impact on an organization, and these systems are also the ultimate target of cyber attackers. Effective endpoint security goes beyond protecting and hardening devices; ultimately, these capabilities must improve an organization’s resilience and enable them to quickly detect and respond to cyber security attacks before they can cause significant damage.
The Tripwire Enterprise EDR solution improves an organization’s resistance to a cyber attack by enabling them to:
- Take proactive, immediate steps to reduce the attack surface of critical endpoints.
- Correlate real-time behavior anomalies and policy violations, speeding up the detection of malicious activity.
- Monitor events to respond quickly and precisely to emerging and zero-day threats.
- Enhance collaboration between IT and operational technology (OT) teams for faster, more precise threat detection and response.
Melancon continued, “Automating the detection of threats is essential in today’s cyber threat environment. As we know, detecting threats is not the end of the battle – neutralizing them is, which means that this automated capability to detect and remediate attacks is a boon for enterprises.”
Tripwire Enterprise customers realize immediate value by utilizing nearly 700 out-of-box profiles and scanning, detection and protection rules designed to help stop an attack in progress. Tripwire solutions are integrated with over 70 third-party IT and security solutions, simplifying the automation of a wide variety of key processes for its customers, which dramatically improves their overall IT and security effectiveness.