Belden-owned Tripwire on Monday announced the availability of two new assessment services designed to help enterprises and industrial organizations find potentially dangerous vulnerabilities in their systems.
One of the new services, Industrial Cybersecurity Assessment, provides experts who can discover vulnerabilities in industrial control system (ICS) environments and determine if they can actually be exploited and if they pose a significant risk.
As part of the service, Tripwire employees review data from automated scanners, proprietary tools and manual reviews. Each finding is manually analyzed to check if the flaw actually exposes the organization, identify mitigating factors, and determine its impact.
Tripwire says it can analyze energy management systems, supervisory control and data acquisition (SCADA) systems, real-time control systems, distributed control systems (DCS), programmable logic controllers (PLCs) and other network devices without causing any disruptions.
The second service launched on Monday by Tripwire, Penetration Testing Assessments, is similar, but focuses on the analysis of an organization’s IT environment.
The pentesting service covers web applications, network services, wireless infrastructure, client-side and internal systems, and even physical security. Tripwire’s experts will focus on authentication and data flows on the network, and communications between systems and their users.
“We are expanding the ways Tripwire customers can partner with us in developing a strong security strategy,” said Tim Erlin, vice president of product management and strategy at Tripwire. “Pen testing and assessment services are a good launching point for building a robust security posture. We provide organizations a tangible understanding of their security weaknesses and risks up front, and then help them develop a robust security strategy including critical security controls such as secure configuration and vulnerability management. It’s important that organizations – even those with the most mature security programs – test their defenses and stay up to date on vulnerability protection.”
Related: The ABCs Driving the Growth of Industrial Cybersecurity
Related: Claroty Adds New Capabilities to Industrial Security Platform
Related: ForeScout Acquires Industrial Security Firm SecurityMatters for $113 Million in Cash
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
Latest News
- Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op
- Feds Say Cyberattack Caused Suicide Helpline’s Outage
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
