Tripwire vs Industrial Defender for Compliance

Posted by UpGuard

 Tripwire vs. Industrial Defender for Compliance

When it comes to compliance, passing audits means providing adequate documentation that you've taken the necessary steps to secure your environment. Sometimes creating this documentation can be just as difficult as enacting the security measures themselves, so software solutions exist that are supposed to streamline the compliance documentation process and make it easy for both companies and auditors to determine compliance. Tripwire offers a compliance solution with their suite of products, while Industrial Defender, now owned by defense contractor Lockheed Martin, offers their Automated Systems Manager (ASM) product.

You can't really call yourself a compliance solution unless you can check the boxes off in an audit. So comparing compliance solutions really comes down to how they check the boxes and whether the effort put in to compliance documentation can have any additional value outside of auditing. We'll take a look at what Tripwire products are required for compliance, as well as what Industrial Defender has to offer.

Get the Digital Resilience eBook

Tripwire

Tripwire has been around for some time and made their name in the compliance game by offering one of the earliest File Integrity Monitoring (FIM) solutions. Now they've expanded their compliance offering to PCI, HIPAA, and SOX, among others. According to their site, they offer FIM, asset inventory, vulnerability and configuration assessement and log management. 

tripwire_interface.jpgTripwire Enterprise Console

Industrial Defender

Cybersecurity firm Industrial Defender was purchased by Lockheed Martin in 2014. Lockheed has continued offering Industrial Defender as a compliance solution as part of the cybersecurity branch of their multifaceted corporation. Using their integral relationship with the government, Lockheed is focusing their compliance on infrastructure controls and security, such as NERC standards.

Industrial Defender InterfaceIndustrial Defender Interface

Side-by-Side Scoring: Tripwire vs. Industrial

1. Capability Set

Tripwire compliance product requirements diagram (source: Tripwire.com)Both Tripwire and Industrial Defender offer large feature sets in an attempt to cover the bases for multiple compliance standards. Lockheed touts automation as a strong suit for their Industrial Defender ASM product, but mostly it's the data gathering and reporting that is "automated," not actual remediation. Tripwire's feature set is large, but it requires multiple products (360, Enterprise and Log Center) to cover many of the standards.

Capability Set

Tripwire score_4.png
Industrial Defender score_4.png

2. Ease of Use

Industrial Defender ASM architecture (Source: cyber.lockheedmartin.com)Unfortunately, despite their feature sets, neither Tripwire nor Industrial Defender is particularly easy to use. Tripwire's reputation for complexity follows them into compliance and the initial roll out (especially for non-Tripwire customers) of the necessary architecture can be cumbersome and involved. Industrial Defender has a similar but slightly less difficult implementation and its interface is similar to Tripwire's (see above), lacking some of the slickness expected of modern applications.

Ease of Use

Tripwire score_2.png
Industrial Defender score_3.png

3. Community Support

If you come from the open source world, you'll be disappointed with the community support available for both of these products. There's little available to non-customers looking to learn more, and while Tripwire at least has a customer portal where there might be a knowledge base or FAQ, but neither has the kind of crowdsourced troubleshooting or product discussion as one might find with other software. Both companies offer professional services as part of their package, so companies looking to utilize their software should prepare for additional support expenses when attempting compliance.

Community Support

Tripwire score_3.png
Industrial Defender score_1.png

4. Release Rate

As enterprise closed-source products, both Tripwire and Lockheed play their cards close to the chest regarding their release cycle, but release is releatively slow, especially in a DevOps world, with Lockheed's major version updates making news

Release Rate

Tripwire score_3.png
Industrial Defender score_3.png

5. Pricing and Support

Compliance is both mandatory and a niche market, so prices for solutions can be steep, especially from large companies like Tripwire and Lockheed. Expect a low to mid five figure quote, minimum, for both of these products. Keep in mind that Tripwire's compliance solution requires multiple Tripwire products, each of which is licensed separately. And as mentioned above, professional services come at an additional cost and for complex integrations could be a necessity. In the past, companies have weighed the cost of compliance with the cost of non-compliance to determine which course would best serve the business. Making compliance expensive, even if it makes it easier, does little to move organizations to a more secure environment. 

Pricing and Support

Tripwire score_2.png
Industrial Defender

score_2.png

6. API and Extensibility

Tripwire offers a SOAP API for programmability and tie-ins with other solutions. Industrial Defender has an API as well, though little information about it is available. API use of both products seems to be secondary to GUI based management.

API and Extensibility

Tripwire score_4.png
Industrial Defender score_2.png

7. 3rd Party Integrations

Tripwire does offer integration to some degree, through the previously mentioned API. On the professional services portion of their site, Tripwire claims to "integrate with numerous third-party systems, from change and incident management systems to SIEM solutions." Lockheed has not advertised what kind of integrations customers can expect, but it's reasonable to expect that they can provide the same type of custom integration programming as Tripwire-- likely with the same type of price tag.

3rd Party Integrations

Tripwire score_3.png
Industrial Defender score_3.png

8. Companies that Use It

Tripwire's early appearance in the compliance field and their reputation as the de facto solution have earned them a huge customer base. According to their website, over half the companies on the Fortune 500 are Tripwire customers. Industrial Defender is a bit more difficult to gauge, as Lockheed is unsurprisingly secretive about which of their customers use which products, but needless to say Lockheed Martin is a multibillion dollar enterprise and their customer list likely reflects this.

Companies that Use It

Tripwire score_570.png
Industrial Defender score_4.png

9. Learning Curve

Anything with the complexity of compliance auditing is going to have some learning curve. Tripwire's products are notoriously complicated, often offering a deluge of data with major tweaking required to make it usable. With interfaces more like traditional thick clients and less like the streamlined webapps of today, neither Industrial Defender nor Tripwire has truly conquered the learning curve or ease of use problem. Organizations will require experts in these products, with previous experience and receiving regular training on both the standards and the software.

Learning Curve

Tripwire score_2.png
Industrial Defender score_3.png

10. CSTAR Score

UpGuard's external risk grader measures a site's external resiliency by testing security mechanisms such as SSL and SPF, and analyzing business data such as breach history, CEO and company approval, and industry averages. Tripwire recently improved their score from a 542 and are currently doing well at 779. Surpisingly, Lockheed's site has relatively poor security, lacking sitewide SSL on their website and SPF and DMARC for their email, troubling for a (cyber-) security corporation. Learn more about CSTAR here.

CSTAR Score

Tripwire 779
Industrial Defender 475

 

Scoreboard and Summary

  Tripwire Industrial Defender
Capability Set score_570.png score_570.png
Ease of Use score_570.png score_570.png
Community Support score_570.png score_570.png
Release Rate score_570.png score_570.png
Pricing and Support score_570.png score_570.png
API and Extensibility score_570.png score_570.png
3rd Party Integrations score_570.png score_570.png
Companies that Use It score_570.png score_570.png
Learning Curve score_570.png score_570.png
CSTAR Score 779 475
Total   3.2 out of 5   2.7 out of 5

In the end, both Tripwire and Industrial Defender are traditional compliance products with complex features, legacy interfaces, little public documentation and big price tags. Additionally, standards are constantly updated, which means hardcoded compliance software will need to be updated to support the newest versions-- that is, after the software developers understand the changes and standard mappings and recode the project. UpGuard offers a new kind of compliance solution: total environment visibility in a single pane, an intuitive graphical interface with simple visualizations,  a powerful and easy to use search engine, and adapable change tracking policies, all at a fraction of the cost of traditional compliance solutions. Your first 10 nodes are free to try for yourself, or you can request a demo and our team will show you why UpGuard is different from other compliance software.

Make Upguard Your Compliance Solution

More Articles

Datadog vs. New Relic

Monitoring tools have come a long way since the early days of Big Brother. Today's solutions have evolved into powerful software troubleshooting and performance analytics platforms capable of deconstructing and analyzing the entire application stack—infrastructure up—for bugs and issues.

Cisco vs. FireEye for Continuous Security

Who provides better continuous security: the world's largest maker of networking equipment or the first cybersecurity firm certified by the U.S. Department of Homeland Security?

Read Article >

AlienVault vs. Tenable for Continuous Security

As perimeter-based cyber protection falls to the wayside, a new breed of continuous security solutions are emerging that combine traditional endpoint protection with newer technologies like security information and event management (SIEM) and crowdsourced threat intelligence.

Read Article 

Topics: security, tripwire, compliance, industrial defender

UpGuard customers