Security is Artistic not Scientific
February 05, 2016
Security is Artistic not Scientific
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Tripwire IP360
The security team manages this product and it is used to access and inventory all assets in the organization. Because we have devices spread among various locations, it was difficult to determine and validate what is actually on the network. Therefore IP360 was purchased to solve this problem by offering the ability to perform agentless inventory and vulnerability scans. As a result, we are now aware of what is in our environment and where our vulnerabilities reside.
Pros
- I find the Tripwire IP360 reporting features extraordinary. I can run various audit and inventory reports at any point since the inception of the tool. For example, I can execute a report on the history of an asset, which establishes a baseline and can be used to support many security objectives.
- Scan scheduling. This feature allows the tool to run independently without human intervention. I don’t have time to manually run scans of different departments. Therefore, I schedule all my audits and check the report the next day. This has worked brilliantly for 3 years now.
- Automated update of the vulnerability rules. Automatically updating these rules and binding them to the scans preserves the tool relevancy during audits
Cons
- I’d like to see IP360 have the ability to discover additional security appliances such as PaloAlto and Fortinet appliances.
- The biggest impact Tripwire has had in the organization is risk reduction. Since the inception of the tool our vulnerabilities have been reduced by 40%.
- Rapid7
I chose Tripwire IP360 because of its flexible reporting features
Comments
Please log in to join the conversation