Tripwire Configuration Manager: Cloud Auto-Remediation and Enforcement

Determining the security posture for an increasing quantity of cloud accounts and services used by many organizations can feel overwhelming, but Tripwire Configuration Manager can help you find, fix, and even enforce settings for common security problems in cloud services. In this blog, we will show how the simple steps required to have Tripwire Configuration Manager automatically fix common configuration issues.

Getting started with Tripwire Configuration Manager is simple, and users can view cloud account configuration results in minutes. It assesses your cloud accounts (such as Amazon Web Services, Azure, Google Cloud Platform) and provides guidance on which configuration items meet or do not meet best practice standards.

In the following screen capture, we have audited an AWS account with the Amazon Web Services Foundations version 1.3 benchmark policy. In this account, we have highlighted three existing configuration deficiencies that Tripwire Configuration Manager can auto remediate.

Selecting the issue titled “Validate That Password Policy MinimumPasswordLength is 14 or Greater” displays information about the selected failing policy compliance test including the current value. In this case, our minimum password length of 6 falls far below the Center for Internet Security recommended value of 14.

Conveniently, Tripwire’s solution offers automated remediation with the Fix Now capability. Selecting Run Fix Now will update the cloud account configuration so that the minimum password length required for logins is 14 characters, which is in line with the CIS AWS Benchmark for best practices. Tripwire Configuration Manager can fix numerous common misconfigurations in cloud control panels and storage.

Unauthorized changes are a leading cause of breaches, so once a fix is in place, you may also wish to enforce settings to protect against unplanned changes occurring at a later date. To safeguard against unauthorized changes, this form also provides the option to “Fix automatically in future.”

By selecting this option, you empower the manager to enforce this setting, automatically reverting future unauthorized changes back to the secure value.  

Start a Free Trial today to discover how Tripwire Configuration Manager can keep your cloud accounts compliant with best practice configurations by automatically remediating and enforcing common secure configurations.