Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Data Breach
  • How Tripwire Can Be a Partner on Your Zero Trust Journey
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

How Tripwire Can Be a Partner on Your Zero Trust Journey

4 years ago Maurice Uenuma
How Tripwire Can Be a Partner on Your Zero Trust Journey

In a previous blog post, I discussed the different applications of integrity for Zero Trust and provided four use cases highlighting integrity in action. The reality is that many organizations can’t realize any of this on their own. But they don’t need to. They can work with a company like Tripwire as a partner on their Zero Trust journey.

Let’s explore how they can do this below.

Begin with a Baseline

Security teams can begin their Zero Trust journeys by establishing a baseline of integrity. Infosec personnel need a trusted state of their employer’s systems and information to understand the security, compliance, and operational state of their employer’s assets over time. Only if they establish a “single source of truth” can they monitor for low-priority, routine changes as well as events that could signify a security incident. These include the addition of unrecognized binaries and the alteration of access privileges on critical files.

With this continuous monitoring capability, the integrity platform also becomes critical to successful prevention and detection within a Zero Trust environment. In that sense, integrity management doesn’t just serve as the foundation for Zero Trust Architecture (ZTA). It also serves as the ultimate backstop should attackers get in, as these threat actors need to make a change to perform their malicious activity sooner or later.

Ensure Zero Trust Over Time

Once they have an integrity-based Zero Trust program in place, organizations can then continuously revalidate the trustworthiness of systems and information using security tools such as those offered by Tripwire. They can turn to four solutions in particular. Those are security configuration assessment, policy compliance, vulnerability assessment, and integrity monitoring.

Security Configuration Assessment

Security teams need to trust that their employer’s information and data is configured to a secure baseline that aligns with policy. This can help to ensure that the Trust Policy Engine makes appropriate risk-based decisions for connection requests to different business assets. Towards that end, Tripwire Enterprise provides a combination of platforms and policies for organizations to determine how their assets are configured. This assessment of security policy is available for integration via APIs and apps connected to Tripwire Enterprise. Simultaneously, Tripwire Configuration Manager provides assessment of cloud infrastructure such as cloud accounts, storage, and SaaS solutions, thereby allowing for Zero Trust to extend beyond on-premises assets.

Policy Compliance

Security teams don’t just need to worry about protecting their employer’s assets against digital threats. They also need to make sure they fulfill any relevant compliance obligations that cover some or all of their systems and data. Tripwire Enterprise can provide compliance assessment results to inform trust policy decision making, as well as satisfy auditor requirements. Where it can be difficult to assign a static asset scope to a compliance requirement, Zero Trust using compliance results from Tripwire can provide assurance that all entities involved in a particular system are compliant.

Vulnerability Assessment

An important part of Zero Trust is evaluating risk, such as software vulnerabilities. Indeed, a Zero Trust policy might specify that assets with vulnerabilities providing remote privilege access should not be able to connect to specific data sets, for instance. It might also specify vulnerability score thresholds for access to specific sets of resources.

These functions emphasize the need for infosec personnel to assess their employer’s infrastructure for known vulnerabilities. With that said, Tripwire IP360 provides both agent-less and agent-based vulnerability assessment across a variety of asset types including servers, workstations, network devices, containers, and cloud workloads. Those tests yield visibility into vulnerabilities affecting the operating systems and applications on those devices, and they provide results in a robust REST API that apply to both access requesters and ZTA resources such as Network Access Control (NAC) and Privileged Access Management (PAM) platforms.

Integrity Monitoring

Finally, security teams need to close any gaps left over from their security configuration assessments, policy compliance initiatives, and vulnerability assessments. Otherwise, an attacker could exploit undetected or unremediated vulnerabilities and abuse them to gain access to an organization’s network. That’s why it’s not enough for security teams to implement these solutions and other solutions once and leave them alone after that. They need to bring in integrity monitoring to spot potential deviations. In the example of security configuration, for instance, that would mean establishing a baseline configuration and then monitoring that configuration for changes. This can help security teams to identify and address risk proactively before the Trust Policy Engine needs to make a decision about access. It can also help to spot changes in the configuration of the Zero Trust policy, the Trust Policy Engine, and any of the other supporting components themselves.

No Integrity Means No Zero Trust

Ultimately, there’s no Zero Trust without integrity. Security teams need to use this realization to get Zero Trust right the first time and to continue getting it right from there.

To learn more about how Tripwire can help, download this whitepaper: https://www.tripwire.com/misc/a-tripwire-zero-trust-reference-architecture.  

The post ” How Tripwire Can Be a Partner on Your Zero Trust Journey” appeared first on TripWire

Source:TripWire – Maurice Uenuma

Tags: Cloud, Critical Severity, Exploit, Low Severity, TripWire

Continue Reading

Previous Cybersecurity in 2022 and Beyond
Next Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers

More Stories

  • Cyber Attacks
  • Data Breach

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

13 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

18 hours ago [email protected] (The Hacker News)
  • Data Breach

The Buyer’s Guide to AI Usage Control

19 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

20 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

1 day ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

1 day ago [email protected] (The Hacker News)

Recent Posts

  • AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
  • ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
  • The Buyer’s Guide to AI Usage Control
  • Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
  • Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT