SOURCE: Tripwire, Inc.

February 26, 2008 06:15 ET

Tripwire First to Achieve VMware ESX Server Benchmark Certification From Center for Internet Security

Tripwire Enterprise Is the Only Configuration Assessment Solution Certified to Ensure Secure VMware ESX Server Configurations

CANNES, FRANCE--(Marketwire - February 26, 2008) - Tripwire®, the recognized leader in configuration audit and control solutions, today announced that its newest product, Tripwire Enterprise for VMware ESX Server, is the first solution to receive Center for Internet Security (CIS) certification for its VMware ESX Server security benchmark. This certification is based on Tripwire's configuration assessment capabilities that help companies achieve and maintain a known, trusted and secure VMware ESX Server configuration state compliant with CIS Benchmark recommendations. [See today's announcement: Tripwire Brings Advanced Security and Compliance Capabilities to VMware Virtualized Environments.]

CIS Benchmarks coupled with Tripwire Enterprise help ensure continuous compliance across the datacenter. In fact, research and case studies show that 80-95 percent of known vulnerabilities are blocked by the technical security controls and actions recommended in the consensus benchmarks.

"As the popularity of virtualization grows, it is imperative that IT operations and information security work closely together from the start to ensure the security of this new environment," said Dave Shackleford, Vice President of CIS. "This was the driving force behind our new VMware Server benchmarks and we are pleased to see Tripwire integrating these new policies into its solution, allowing IT and security professionals to proactively safeguard their virtual infrastructure on a continuous basis."

CIS Benchmarks are a set of technical standards that draw upon best practices published by The SANS Institute, the National Security Agency (NSA), the National Institute of Standards and Technology (NIST), and the U.S. Defense Information Systems Agency (DISA), as well as consensus guidance from CIS members and users. The CIS Certification program is distinguished from other IT certifications because CIS certified vendor tools support the consensus best practices movement.

About Tripwire Enterprise for VMware ESX Server

Announced today, Tripwire Enterprise for VMware ESX Server brings immediate value by proactively assessing VMware ESX Server configurations, ensuring they are securely implemented. In addition to the CIS benchmark policies, Tripwire agentlessly provides continuous compliance assessment against operational and regulatory standards through custom configuration assessment policies that allow customers to proactively manage their configurations. Tripwire uniquely marries all its policies with the ability to detect changes to IT infrastructure, alerting IT to configuration changes that are not in compliance, to ensure control of the virtual environment.

Tripwire has received more CIS benchmark certifications than any other, and was the first company to achieve certification of the VMware ESX Server benchmark. "Tripwire is committed to continuously extend its market leadership by delivering the broadest platform of assessments for security, compliance and IT operations," said Dan Schoenbaum, senior vice president of marketing and business development at Tripwire. "The new Tripwire benchmark for VMware ESX Server builds on our rapidly increasing foundation of nearly 100 policies, providing customers with the ability to achieve and maintain the highest degree of confidence in their configurations across heterogeneous systems, helping organizations to effectively manage configuration-related IT risk."

About The Center for Internet Security

The Center for Internet Security (CIS) is a non-profit enterprise whose mission is to help organizations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls. CIS members develop and encourage the widespread use of security configuration benchmarks through a global consensus process involving participants from the public and private sectors. The practical CIS Benchmarks support available high level standards that deal with the "Why, Who, When, and Where" aspects of IT security by detailing "How" to secure an ever widening array of workstations, servers, network devices, and software applications in terms of technology specific controls. CIS Scoring Tools analyze and report system compliance with the technical control settings in the Benchmarks. The CIS Benchmarks and Scoring Tools are available for download free of charge to the Internet community from

About Tripwire, Inc.

Tripwire, Inc. is the recognized leader of configuration audit and control solutions, serving over 6,000 enterprises worldwide. As the first in the industry to combine configuration assessment with configuration change auditing, Tripwire helps IT organizations automate compliance across the data center, reducing risk and increasing operational efficiency. Tripwire ensures the organization achieves continuous operational, regulatory and security compliance, helping IT achieve and maintain a known, trusted and compliant system state. Tripwire is headquartered in Portland, Ore. with offices in the UK, Australia and Japan. For more information visit:

©2007, Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All other marks are property of their respective owners. All rights reserved.

Contact Information