Tripwire Enterprise delivers continuous monitoring solution that processes native SCAP content

PORTLAND, OREGON — June 6th  2013 — Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced Security Content Automation Protocol (SCAP) 1.2 validation for Tripwire Enterprise version 8.2. Tripwire is the first configuration scanning vendor to complete SCAP 1.2 validation under NIST’s National Voluntary Laboratory Accreditation Program (NVLAP).  The validation was performed by Science Applications International Corporation (SAIC).

Federal government agencies are under immense pressure to improve cyber security through an increased focus on risk management initiatives such as continuous monitoring and Federal Information Security Management Act (FISMA) compliance.

“We are excited to be the first vendor to earn this important validation”, said John Klein, federal director for Tripwire. “Tripwire has been a strong supporter of government security standards for over 15 years and we’re committed to delivering continuous monitoring solutions that help government agencies become both compliant and secure.”  

The SCAP standard drives continuous monitoring by organizing, measuring and automating a wide range of cyber security information.   SCAP has been adopted by many commercial firms that do business with the Federal government as well as other private sector firms that use it to solve large-scale policy management problems.

Tripwire Enterprise provides the most comprehensive SCAP scanning and CyberScope reporting solution available. Tripwire Enterprise version 8.2 includes a next-generation policy engine that processes native SCAP 1.2 content using the Open Vulnerability and Assessment Language (OVAL) standard.  

Key features include:

·         Full support for SCAP 1.0, 1.1 and 1.2 content

·         Full support for OVAL including the Extensible Configuration Checklist Format (XCCDF) and Asset Reporting Format (ARF) output

·         Allows customers to test SCAP compliant content from DISA, USGCB as well as proprietary content

For more information on Tripwire’s government solutions please visit http://www.tripwire.com/data-security/continuous-monitoring/.

About Tripwire

Tripwire is a leading global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business. Tripwire provides the broadest set of foundational security controls including security configuration management, vulnerability management, file integrity monitoring, log and event management. Tripwire solutions deliver unprecedented visibility, business context and security business intelligence allowing extended enterprises to protect sensitive data from breaches, vulnerabilities, and threats. Learn more at www.tripwire.com or follow us @TripwireInc on Twitter.

###