We want more of the CIA Triad. No, this has nothing to do with the US government agency. It stands for “confidentiality, integrity, and availability.” What it alludes to is the idea of protecting access to privileged information (confidentiality), asserting that the information hasn’t been tampered with (integrity), and that the information can be reliably accessed (availability). One of the most common frameworks for achieving and maintaining these goals is the CIS Top 20 Controls.

Many folks will be familiar, at least in passing, with the CIS Top 20 Critical Security Controls (CSCs). The first 5 CIS controls are designed to be the best bang-for-buck when it comes to eliminating a large potential attack surface in an organization. The remaining controls round out a list of capabilities that will help protect critical assets by ensuring that protection, monitoring, and recovery infrastructure is in place.

Tripwire’s integrated solution suite addresses the first 6 CIS controls and provides help with an additional 8, providing protection from 85% of threats. Let’s look at these six controls in more detail.

CSC 1 — Inventory of Authorized and Unauthorized Devices

In other words, know what you have on your network. Tripwire IP360 is the primary solution covering this control, as it has the ability to discover and fingerprint assets throughout the environment as well as keep an inventory of what has been discovered and when regardless of device type. Tripwire IP360’s capability is enhanced with the addition of Tripwire Enterprise and Tripwire CCM to cover this control even more thoroughly.

CSC 2 — Inventory or Authorized and Unauthorized Software

Once again, Tripwire IP360 is the primary solution for discovering and taking inventory of what software is deployed throughout the environment. This time, however, Tripwire Whitelist Profiler (an app that works with Tripwire Enterprise (Read more...)