Tripwire File Integrity Monitoring (FIM) has the unique, built-in capability to reduce noise by providing multiple ways of determining low-risk change from high-risk change as part of assessing, prioritizing and reconciling detected change. Auto-promoting countless business-as-usual changes reduce the noise so IT has more time to investigate changes that may truly impact security and introduce risk. Tripwire uses agents to continuously capture detailed who, what, and when details in real time, to ensure that you detect all change, capture details about each one, and use those details to determine the security risk or non-compliance.
Tripwire provides the ability to integrate File Integrity Manager with many of your security controls: security configuration management (SCM), log management and SIEM.
Improper Change Detection
Detects Improper Change, including additions to, deletions from and modifications of file systems, and identifies what changed and where and when the change was made.
Identifies Source of Improper Change by correlating event logs to Tripwire integrity reports, helping support change management processes, audits and data forensics. Easy Management of Change Monitoring Policies
Simplifies and Eases Management of Change Monitoring Policies with an intuitive interface that allows rapid set-up and “noise” reduction from non-critical alerts and also easy adding, deleting, or modifying policies.
Improper Change Alerts
Alerts to Improper Change When and Where Needed with alerts sent in multiple ways—email, syslog, SNMP traps, XML and HTML output to the Tripwire Manager console—to ensure IT receives them.
High Level Information
Provides just the right level of information with high-level views that provide management with a picture of overall health and drill down to details that help technical staff remediate issues.
Supports Automated Rollback by triggering custom command line scripts that automatically restore files to the last known good state. Support for command line scripts can also extend reporting and notification capabilities.
Broad Platform Support
Offers Broad Platform Support, monitoring machines—even virtual machines—running Windows, Linux, Solaris, HP-UX, and AIX. And when used with Tripwire® Manager, Tripwire for Servers provides a single point of control to manage change to servers and desktops across the enterprise.