ZDNet / IT Library / Security / Security Administration / Security Management /

Addressing Compliance Initiatives With Tripwire and the Center for Internet Security (CIS)

By Tripwire on March 26, 2009 (359 days ago)

See also

Infrastructure Management, Security Standards, Cost Control - Risk Mgmt., Sarbanes-Oxley

More Whitepapers

Data Management

Desktops, Laptops and OS

Enterprise Applications

IT Management

Networking and Communications

Professions and Industries

Security

Servers and Server OS

Software and Web Development

Storage

Publisher's description

In this paper, discover what you need to build an effective compliance program by understanding benchmarks, the basic building blocks of compliance initiatives. This whitepaper looks at:

  • What the CIS is and how it develops its benchmarks
  • How to use the benchmarks to address compliance and security
  • Some considerations to make when implementing
  • How Tripwire CIS-certified solution lets you take advantage
Download and learn about CIS security benchmarks and how Tripwire's CIS solution helps you meet your compliance and security needs.

Registration Required
File size 313.17kb - Check your internet speed
File format PDF - Download the latest version of Adobe Acrobat Reader

Download for free now

Similar whitepapers

Understanding Windows Mobile Security

One topic the user really needs to understand when deploying Windows Mobile applications is security. Often, developers spend a lot of time developing and testing their applications on emulators. However, applications that are working perfectly on emulators often break mysteriously on real devices. A large part of this can be attributed to the lack of understanding of the security policies implemented on Windows Mobile devices. In this paper, the user will learn about the security provisioning of Windows Mobile devices and how he or she can provision the own Windows Mobile device using the Device Security Manager (included with Visual Studio 2008).

-108 days ago by JupiterMedia Download

Cloud Computing: What It Is and What It Can Do for You

The definition of cloud computing depends largely on whether you are a consumer or producer. The public cloud is geared more for the individual consumer or small company, while the private cloud is geared more for a medium-to-large company. In addition, the private cloud is branching out to incorporate the ability to have some data and applications serviced from the public cloud. This white paper examines the different types of cloud computing and shows what cloud computing can offer you.

19 days ago by Global Knowledge Download

Travel Group Enhances Security, Increases Productivity, With Operating System Upgrade

The Emirates Group is a travel and tourism company that has witnessed tremendous growth year on year. In an effort to maintain its image as an innovator and deliver the latest technology to employees, the company is upgrading its client computers to the Windows 7 Enterprise operating system. As a result, Emirates already is experiencing improved system performance, increased employee productivity, and enhanced IT security.

30 days ago by Microsoft Download

Alabama Medicaid Agency to Cut Time Spent on Identity Management by 75 Percent

The Alabama Medicaid Agency was handling identity credential management in a decentralized, manual way. It was taking two IT staff members two hours a day to provision and deprovision users, with the possibility that systems might host outdated, erroneous, or inconsistent identity information. As part of a broader technology upgrade, the agency adopted Microsoft Identity Lifecycle Manager 2007, and expects to cut the time spent on identity management by 75 percent. With this solution, the agency also has increased the consistency of identity information across systems, boosted the security of its data and its compliance with privacy regulations such as HIPAA, and provided a flexible foundation for the continued growth of the identity management system to encompass more agencies in state government.

37 days ago by Microsoft Download

Momentum Webcast: Emerge Stronger With Improved Business Applications (Level 100)

This webcast provides an overview of six solutions Microsoft offers to help the one strengthen their business during the economic downturn. The presenter helps the attendee understand how to take advantage of the existing technologies to reduce cost and respond faster to business needs by achieving a lower total cost of ownership, optimizing performance, automating processes, turning information into insight, and improving security and compliance.

38 days ago by Microsoft Download

Municipality Upgrades Operating System for Enhanced Security, Better User Experience

Denmark's Vejle Municipality needed to upgrade its desktop operating system but was dissatisfied with the reliability and user-friendliness of its available choices. When the municipality tested the Windows 7 operating system, however, it decided to upgrade, citing the system's usability and security features as significant improvements. Vejle is experiencing greater user productivity, enhanced security, and easier management with Windows 7.

45 days ago by Microsoft Download

Tripwire whitepapers

Tripwire's Solutions for Automated, Continuous PCI Compliance

Many organizations today focus their energy on simply passing each PCI audit, losing sight of the main objectives of the PCI DSS - to secure the cardholder data environment. As a result, organizations still suffer security breaches and experience the negative fallout associated with a data compromise. Read this technology brief to find out how the tight integration of Tripwire Enterprise and Tripwire Log Center helps you pass audits - and continuously maintain a high level of security.

47 days ago by Tripwire Download

Achieving NERC Compliance Through Tripwire IT Security and Compliance Automation Solutions

IT organizations in every sector of the energy industry face routine pressure to comply with the requirements of NERC standards, but must do so with limited staff and decreasing budgets. Read this technology brief to learn more about how Tripwire solutions can help quickly achieve IT configuration integrity, immediately identify and remediate changes that introduce risk and non-compliance, and streamline and prove continuous compliance with even the most stringent NERC requirements.

In this white paper you'll see how with Tripwire you can efficiently become NERC compliant.

47 days ago by Tripwire Download

Tripwire Log Center: Next Generation Log and Event Management

Tripwire Log Center, a complete log and event management solution, offers sophisticated security event analysis and ultra-efficient log management. With Tripwire Log Center, you can query and search the event database, drill down to investigate suspicious activity, and even use graphical tools to correlate events with an incident and pinpoint where that incident impacted the IT infrastructure. A centralized dashboard gives a quick view of all alerts, events of interest and vulnerabilities. In this white paper, learn about using log data to track suspicious activity, the inadequacies of traditional security information and event management solutions, and requirements for meeting current security needs. Then learn how Tripwire Log Center helps meet those needs, and how it combines with Tripwire Enterprise to give visibility into changes and security events in the IT infrastructure, intelligence to make better decisions, and automation of repetitive, manual tasks.

47 days ago by Tripwire Download

For PCI, the Future is Now: How to comply with the global standard without breaking the bank

It has been more than five years since the heavyweights in the payment card industry banded together to develop common standards to protect users from fraud. Since then, the standards have gone global, expanding beyond merchants to include their application providers as well, and becoming more prescriptive.

As the PCI DSS and its sister standards continue to evolve and gain momentum, organizations will have to bake compliance into their everyday operations in order to eliminate fire drills, contain costs, keep current customers, and attract new ones.

57 days ago by Tripwire Download

Hassle-free compliance: Make compliance just another part of your processes by taking an operational approach to security

If the fast pace of government and industry standards is any indication, IT teams will not get a break from compliance any time soon. To stay ahead of the game, you have to automate change auditing and configuration assessment in your physical and virtual environments and weave them into your organization's day-to-day security plan.

Not only does this improve your security posture and ensure that gaps in protection are filled, but it also helps your organization become more efficient by saving staffing and budget resources for more strategic projects.

57 days ago by Tripwire Download

Information Security and Multi-Compliance: Avoiding Audit Fatigue with a Single IT Compliance Strategy

This Prescriptive Guide provides nine steps that information security managers can use to break the compliance blame cycle and build an information security program that more effectively mitigates security risk.

Completing the nine steps requires business stakeholders, IT management, and information security management to all mutually support the same goal. This guide describes how to gain this alignment and defines the various compliance roles so that information security and compliance activities become integrated into daily business operations.

57 days ago by Tripwire Download

Top stories

Virtual PC hole could lead to attacks, security firm says

Jury rules against Microsoft in patent suit

Microsoft modernizes Web ambitions with IE9

Use the tradeoff matrix in agile projects

Is Google Wave getting Buzzed?

Inside ZDNet Asia

Special Report: Tech Focus in 2010

Latest Videos on Tech Industry

Insight: Interviews with Newsmakers

Search for over 15,000 Tech Jobs in Asia

Find your Tech answers in TechGuides

IT Library: Over 60,000 IT papers at your fingertips

Download IT Priorities 2010 Report