Security is Artistic not Scientific
- I find the Tripwire IP360 reporting features extraordinary. I can run various audit and inventory reports at any point since the inception of the tool. For example, I can execute a report on the history of an asset, which establishes a baseline and can be used to support many security objectives.
- Scan scheduling. This feature allows the tool to run independently without human intervention. I don’t have time to manually run scans of different departments. Therefore, I schedule all my audits and check the report the next day. This has worked brilliantly for 3 years now.
- Automated update of the vulnerability rules. Automatically updating these rules and binding them to the scans preserves the tool relevancy during audits
Cons
- I’d like to see IP360 have the ability to discover additional security appliances such as PaloAlto and Fortinet appliances.
- The biggest impact Tripwire has had in the organization is risk reduction. Since the inception of the tool our vulnerabilities have been reduced by 40%.
- Rapid7