Blog
Tripwire vs Industrial Defender for Compliance

Tripwire vs Industrial Defender for Compliance

Abstract shapeAbstract shape
Join 27,000+ cybersecurity newsletter subscribers

When it comes to compliance, passing audits means providing adequate documentation that you've taken the necessary steps to secure your environment. Sometimes creating this documentation can be just as difficult as enacting the security measures themselves, so software solutions exist that are supposed to streamline the compliance documentation process and make it easy for both companies and auditors to determine compliance. Tripwire offers a compliance solution with their suite of products, while Industrial Defender, now owned by defense contractor Lockheed Martin, offers their Automated Systems Manager (ASM) product.

You can't really call yourself a compliance solution unless you can check the boxes off in an audit. So comparing compliance solutions really comes down to how they check the boxes and whether the effort put in to compliance documentation can have any additional value outside of auditing. We'll take a look at what Tripwire products are required for compliance, as well as what Industrial Defender has to offer.

Tripwire

Tripwire has been around for some time and made their name in the compliance game by offering one of the earliest File Integrity Monitoring (FIM) solutions. Now they've expanded their compliance offering to PCI, HIPAA, and SOX, among others. According to their site, they offer FIM, asset inventory, vulnerability and configuration assessment and log management. 

tripwire_interface.jpg
Tripwire Enterprise Console


Industrial Defender

Cybersecurity firm Industrial Defender was purchased by Lockheed Martin in 2014. Lockheed has continued offering Industrial Defender as a compliance solution as part of the cybersecurity branch of their multifaceted corporation. Using their integral relationship with the government, Lockheed is focusing their compliance on infrastructure controls and security, such as NERC standards.

Industrial Defender Interface
Industrial Defender Interface

Side-by-Side Scoring: Tripwire vs. Industrial

1. Capability Set

Tripwire compliance product requirements diagram (source: Tripwire.com)

Both Tripwire and Industrial Defender offer large feature sets in an attempt to cover the bases for multiple compliance standards. Lockheed touts automation as a strong suit for their Industrial Defender ASM product, but mostly it's the data gathering and reporting that is "automated," not actual remediation. Tripwire's feature set is large, but it requires multiple products (360, Enterprise and Log Center) to cover many of the standards.

Tripwire Industrial Defender
4/5 4/5

2. Ease of Use

Industrial Defender ASM architecture (Source: cyber.lockheedmartin.com)

Unfortunately, despite their feature sets, neither Tripwire nor Industrial Defender is particularly easy to use. Tripwire's reputation for complexity follows them into compliance and the initial roll out (especially for non-Tripwire customers) of the necessary architecture can be cumbersome and involved. Industrial Defender has a similar but slightly less difficult implementation and its interface is similar to Tripwire's (see above), lacking some of the slickness expected of modern applications.

Tripwire Industrial Defender
2/5 3/5

3. Community Support

If you come from the open source world, you'll be disappointed with the community support available for both of these products. There's little available to non-customers looking to learn more, and while Tripwire at least has a customer portal where there might be a knowledge base or FAQ, but neither has the kind of crowdsourced troubleshooting or product discussion as one might find with other software. Both companies offer professional services as part of their package, so companies looking to utilize their software should prepare for additional support expenses when attempting compliance.

Tripwire Industrial Defender
3/5 1/5

4. Release Rate

As enterprise closed-source products, both Tripwire and Lockheed play their cards close to the chest regarding their release cycle, but release is relatively slow, especially in a DevOps world, with Lockheed's major version updates making news. 

Tripwire Industrial Defender
3/5 3/5

5. Pricing and Support

A monitoring system won't troubleshoot a configuration error. A configuration test script will.

Compliance is both mandatory and a niche market, so prices for solutions can be steep, especially from large companies like Tripwire and Lockheed. Expect a low to mid five figure quote, minimum, for both of these products. Keep in mind that Tripwire's compliance solution requires multiple Tripwire products, each of which is licensed separately. And as mentioned above, professional services come at an additional cost and for complex integrations could be a necessity. In the past, companies have weighed the cost of compliance with the cost of non-compliance to determine which course would best serve the business. Making compliance expensive, even if it makes it easier, does little to move organizations to a more secure environment. 

Tripwire Industrial Defender
2/5 2/5

6. API and Extensibility

Tripwire offers a SOAP API for programmability and tie-ins with other solutions. Industrial Defender has an API as well, though little information about it is available. API use of both products seems to be secondary to GUI based management.

Tripwire Industrial Defender
4/5 2/5

7. 3rd Party Integrations

Tripwire does offer integration to some degree, through the previously mentioned API. On the professional services portion of their site, Tripwire claims to "integrate with numerous third-party systems, from change and incident management systems to SIEM solutions." Lockheed has not advertised what kind of integrations customers can expect, but it's reasonable to expect that they can provide the same type of custom integration programming as Tripwire-- likely with the same type of price tag.

Tripwire Industrial Defender
3/5 3/5

8. Companies that Use It

Tripwire's early appearance in the compliance field and their reputation as the de facto solution have earned them a huge customer base. According to their website, over half the companies on the Fortune 500 are Tripwire customers. Industrial Defender is a bit more difficult to gauge, as Lockheed is unsurprisingly secretive about which of their customers use which products, but needless to say Lockheed Martin is a multibillion dollar enterprise and their customer list likely reflects this.

Tripwire Industrial Defender
5/5 4/5

9. Learning Curve

Anything with the complexity of compliance auditing is going to have some learning curve. Tripwire's products are notoriously complicated, often offering a deluge of data with major tweaking required to make it usable. With interfaces more like traditional thick clients and less like the streamlined webapps of today, neither Industrial Defender nor Tripwire has truly conquered the learning curve or ease of use problem. Organizations will require experts in these products, with previous experience and receiving regular training on both the standards and the software.

Tripwire Industrial Defender
2/5 3/5

10. Security rating

UpGuard's external risk grader measures a site's external resiliency by testing security mechanisms such as SSL and SPF, and analyzing business data such as breach history, CEO and company approval, and industry averages. Tripwire's security rating is 779. Surprisingly, Industrial Defender has poor security with a security rating of 675.  

Scoreboard and Summary

  Tripwire Industrial Defender
Capability set 4/5 4/5
Ease of use 2/5 3/5
Community support 3/5 1/5
Release rate 3/5 3/5
Pricing and support 2/5 2/5
API and extensibility 4/5 2/5
3rd party integrations 3/5 3/5
Companies that use it 5/5 4/5
Learning curve 2/5 3/5
Security rating 779 675
Total 3.2/5 2.8/5

In the end, both Tripwire and Industrial Defender are traditional compliance products with complex features, legacy interfaces, little public documentation and big price tags. Additionally, standards are constantly updated, which means hardcoded compliance software will need to be updated to support the newest versions-- that is, after the software developers understand the changes and standard mappings and recode the project. UpGuard offers a new kind of compliance solution: total environment visibility in a single pane, an intuitive graphical interface with simple visualizations,  a powerful and easy to use search engine, and adaptable change tracking policies, all at a fraction of the cost of traditional compliance solutions. Book a demo and our team will show you why UpGuard is different from other compliance software.

Free

UpGuard logo in white
UpGuard free resources available for download
Learn more

Download our free ebooks and whitepapers

Insights on cybersecurity and vendor risk management.
UpGuard logo in white
eBooks, Reports & Whitepapers
UpGuard free resources available for download
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.
Abstract shapeAbstract shape

Related posts

Learn more about the latest issues in cybersecurity.
Deliver icon

Sign up to our newsletter

Get the latest curated cybersecurity news, breaches, events and updates in your inbox every week.
Abstract shapeAbstract shape
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
Website Security scan resultsWebsite Security scan ratingAbstract shape