SOLUTION BRIEF
Tripwire's Solutions for Automated, Continuous PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, hacking and other security vulnerabilities. Unfortunately, many organizations focus their energy on simply passing each PCI audit, losing sight of the main objective of the PCI DSS: to secure the cardholder data environment. As a result, organizations still suffer security breaches and experience the negative fallout associated with a data compromise even though they passed their audit, and they can take weeks or months to determine where a breach originated because of the lack of immediate and focused evidence of system activity. To contain damage, organizations need to be alerted as the breaches are unfolding, not long after.

"Since implementing Tripwire Enterprise, we easily prove compliance for PCI audit requirements, have reduced unplanned work, and greatly improved our change management process. Now, instead of spending time on service events, we can focus more on completing our IT projects, and adding additional value and efficiency to the company."
- Roni Wegner, Senior VP, CAPITAL Card Services

The recent security breaches at Heartland Payment Systems and Hannaford Brothers are painful examples of the lack of immediate visibility. Although Heartland suspected a breach as early as October 2008, it wasn't until mid-January 2009 that a team of outside forensic experts detected malware in Heartland's systems. However, this security breach (like most) left trails that could have been immediately detected with the right tools, thereby reducing or eliminating any damage. Or the information was captured, but not recognized as a critical event that required immediate attention.

HOW TRIPWIRE HELPS
Tripwire provides IT organizations with enhanced file integrity monitoring, configuration assessment and log management that automates continuous PCI compliance. But unlike other solutions, Tripwire's identify the events that matter most: those that pose the real security risks or take you out of compliance. And they help you discover those events immediately, while you can still contain the damage. Tripwire offers these capabilities in two complementary products: Tripwire® Enterprise, with file integrity monitoring and configuration assessment, and Tripwire® Log Center, which provides comprehensive log and event management.

"If you are going to purchase any one tool to help achieve PCI compliance, buy Tripwire."
- James Summers, CISO, Vesta

"With out-of-the-box capabilities specific to PCI, purchasing Tripwire saved my staff three months of having to search out and stitch together a hodgepodge solution on our own. The time savings more than paid for the software license and training"
- Rachelle Osborn, Director of IT, Wesco

DYNAMIC CHANGE INTELLIGENCE
The proven file integrity monitoring (FIM) capabilities of Tripwire Enterprise help you meet the FIM requirements of PCI DSS requirement 11.5 by detecting changes to critical system, configuration and content files. Because FIM using Tripwire Enterprise takes advantage of built-in configuration assessment capabilities, Tripwire Enterprise helps you reduce risk by immediately evaluating how changes have affected compliance status. When a change impacts policy compliance, alerts and valuable remediation assistance help you immediately return systems to a secure, compliant state. This "dynamic change intelligence" is what lets Tripwire Enterprise deliver true continuous PCI complian...

and other IT assets in your cardholder data environment. For example, Tripwire Enterprise provides coverage of most operating systems; databases like Oracle, SQL and DB2; directory services like Active Directory and SunOne; network devices like Cisco IOS/PIX; applications such as Microsoft Exchange and IIS; and even custom applications.

LOG AND EVENT MANAGEMENT
When it comes to PCI Requirement 10, it's all about logs: demonstrating that audit trails are enabled, active and secure; that information about system and user activity is logged and stored; that logs performing a security function are reviewed at least daily; and that an audit trail is maintained for at least a year, with the most recent information easily accessible for forensic