Actu
Tripwire and Check Point Announce Technology Partnership and Integration
December 2014 by Marc Jacob
Tripwire and Check Point announced a technology partnership and integration. The collaboration is part of Tripwire’s Technology Alliance Program (TAP), designed to allow a wide variety of vendors to team with Tripwire to deliver innovative security solutions.
According to the ISACA Advanced Persistent Threat Awareness Study, one in five organizations has experienced an advanced persistent attack in the past, and 66 percent believe they will be targeted in the future. As attacks increase in frequency and sophistication, organizations need robust security programs that can detect and respond to threats in real time. The integration of Tripwire Enterprise and Check Point’s ThreatCloud Emulation Service provides customers with unprecedented protection against advanced and zero-day threats, whether known or unknown.
Tripwire Enterprise is a real-time endpoint threat protection solution that continuously captures, monitors and records system and file change data on critical systems. The Tripwire Enterprise solution includes Integrity Manager and Remediation Manager modules that enable cybersecurity teams to rapidly reduce their attack surface and continuously assure system integrity. Check Point’s Threat Emulation prevents infections from undiscovered exploits, zero-day and targeted attacks. The emulation service thwarts discovered malware from entering and propagating in the network.
The integration of Tripwire Enterprise and Check Point’s ThreatCloud Emulation Service makes it possible for customers to closely monitor critical systems for changes as well as the introduction of new files, which can indicate an advance attack in progress. When a new suspicious file is identified on a protected endpoint, Tripwire Enterprise shares the information with ThreatCloud Emulation Service, which returns a verdict on the file. Depending on the outcome, the file can then be tagged as malicious or sent to the ThreatCloud Emulation sandbox for further examination. If the sandbox analysis detects a new danger, the emulation service provides updated threat information to all of Check Point’s security gateways worldwide.
The integration of Tripwire Enterprise and Check Point Threat Emulation Service enables customers to:
– Automatically review system binary changes for known and advanced threats, ensuring malicious changes are detected rapidly.
– Accelerate the time it takes to detect zero-day threats and quickly determine endpoint risk priority in order to take additional actions.
– Reduce the time to remediate critical threats by prioritizing security actions based on changes to systems that are affected by threats identified by Check Point ThreatCloud.
– Deliver enhanced protection against undiscovered exploits, targeted endpoint attacks and zero-days, and avoid repeat attacks.
