(RSA Conference 2019, Booth #6345) “ Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced expanded coverage and support for DevOps environments. The new vulnerability scanning and compliance functionality of Tripwire for DevOps includes additional container registries and Amazon Machine Image (AMI) types, and supports more of the tools and processes used by organizations to integrate security into DevOps.
DevOps environments can look dissimilar from one organization to another, and “ depending on organizational requirements or use cases “ preferred container registries, tools and workflows can all be different, said Tim Erlin, vice president of product management and strategy at Tripwire. We’ve expanded our DevOps security solutions to work with numerous environments in order to help more organizations embed security into their DevOps practices. By building consistent security practices between DevOps environments and the rest of the organization, Tripwire helps incorporate security consistently across the DevOps life cycle “ from build to pre-deployment to production.
Tripwire for DevOps has expanded its support to include:
- Google Container Registry.
- Quay.io remote registry.
- Docker Registry HTTP API V2.
- Amazon Elastic Container Registry (ECR).
- Windows and Linux AMIs.
Tripwire for DevOps is a software-as-a-service (SaaS) solution that provides configuration assessment and vulnerability management in containers across the DevOps life cycle. By fully automating the assessment of container images in the continuous integration/continuous deployment (CI/CD) pipeline and dynamically testing live instances of application containers in an isolated, cloud-based sandbox, Tripwire for DevOps can establish quality gates at each stage that ensure defined security standards are met. It can also be used to simply monitor and assess repositories, providing visibility into potential risks and without interference to the process.
Tripwire solutions extend beyond development stages, offering organizations the ability to assess online, offline, running and non-running containers for vulnerabilities in an effort to drive consistency in security practices across environments.
For more information, please visit: https://www.tripwire.com/products/tripwire-for-devops.
Tripwire is the trusted leader for establishing a strong cybersecurity foundation. Partnering with Fortune 500 enterprises, industrial organizations and government agencies, Tripwire protects the integrity of mission-critical systems spanning physical, virtual, cloud and DevOps environments. Tripwires award-winning portfolio delivers top critical security controls, including asset discovery, secure configuration management, vulnerability management and log management. As the pioneers of file integrity monitoring (FIM), Tripwires expertise is built on a 20+ year history of innovation helping organizations discover, minimize and monitor their attack surfaces.
Ray Lapena, +1 714-624-8862