How a Grocery Chain Turned Compliance Checkboxes into IT Security

Michael Thelander and Alex Cox of Tripwire
What do Porsche Informatik, KVAT Food Stores, The Logic Group, and the US Government have in common? Each of these organizations "hired" Tripwire Enterprise to satisfy a specific compliance requirement, but then leveraged their investment to provide a broader, more sustainable set of security initiatives.

Register for this webcast and see how organizations of varying shapes and sizes (including the investigative arm of the US Congress!) transformed Tripwire Enterprise from a checkbox-satisfying point tool into a strategic security solution. Learn how you too can:

- Use your PCI-DSS "check box" tools to increase security and reduce risk throughout your network (without increasing manpower or workload)
- Continually harden IT configurations across your enterprise, using a solution originally brought on board to provide critical change control within the DMZ alone
- Turn compliance-mandated file integrity monitoring into a robust and easy-to-manage intrusion detection solution

Join Michael Thelander and Alex Cox of Tripwire for Part 1 of a 3-part series, where they offer a 30-minute demonstration of how one customer turned a PCI compliance investment (or a "sunk cost")into an IT security solution that delivers business value while it satisfies multiple compliance needs. Parts 2 and 3 of this series will explore the journeys other Tripwire Enterprise customers have taken from "mandated compliance tool" to "indispensible IT security solution".
Dec 8 2011
45 mins
How a Grocery Chain Turned Compliance Checkboxes into IT Security
compliance PCI Security
More from this community:

Data Center Management

  • Live and recorded (2938)
  • Upcoming (95)
  • Date
  • Rating
  • Views
  • Business computing is changing before our eyes. Physical PCs and servers cannot keep pace with the mobile workforces of today or tomorrow. BYOD (Bring Your Own Device) is no longer a “nice to have”, it is a “must have”. The problem most companies face is providing secure and controllable access – anytime, anywhere – to the data, applications, tools and resources required to maintain an enterprise network. DaaS is quickly becoming the leading solution for companies to adopt a comprehensive BYOD policy while actually increasing security and ubiquitous access. Join Nuvestack, the leader in DaaS technology, for an informative and insightful look at what it really takes to implement and manage DaaS as a BYOD strategy.
  • Business computing is changing before our eyes. Physical PCs and servers cannot keep pace with the mobile workforces of today or tomorrow. BYOD (Bring Your Own Device) is no longer a “nice to have”, it is a “must have”. The problem most companies face is providing secure and controllable access – anytime, anywhere – to the data, applications, tools and resources required to maintain an enterprise network. DaaS is quickly becoming the leading solution for companies to adopt a comprehensive BYOD policy while actually increasing security and ubiquitous access. Join Nuvestack, the leader in DaaS technology, for an informative and insightful look at what it really takes to implement and manage DaaS as a BYOD strategy.
  • New projects drive revenue. Every project is different, has different deadlines, and has different data management requirements. Delivering an IT infrastructure that can deal with the erratic workloads and constantly changing data needs is nearly impossible, let alone being confident that Finance will be able to run reports fast enough to close the books at the end of the month with no complaints. Join Chris McCall, SVP Marketing from NexGen Storage to discuss new value-driven data management capabilities designed to deliver a superior end user experience for project-oriented architecture and engineering firms.
  • New projects drive revenue. Every project is different, has different deadlines, and has different data management requirements. Delivering an IT infrastructure that can deal with the erratic workloads and constantly changing data needs is nearly impossible, let alone being confident that Finance will be able to run reports fast enough to close the books at the end of the month with no complaints. Join Chris McCall, SVP Marketing from NexGen Storage to discuss new value-driven data management capabilities designed to deliver a superior end user experience for project-oriented architecture and engineering firms.
  • Every year, businesses are making the decision to adopt a Unified Communications platform. Why? The reason is simple – Unified Communications capabilities save companies time and money, and increases productivity.

    Today’s mobile and resource-challenged workers require more freedom and flexibility in how they communicate with their colleagues, teams, partners and customers. Instant Messaging, Presence, Voice and Video Calling, SMS Texting, and Screen Sharing features enable employees to easily connect with their colleagues, partners and customers. Each of these tools have an associated cost, which can add up quickly per user. By removing the a la carte price tags and contracts and rolling all of the tools into one unified platform, both the business and its employees reap the benefits.

    In this webinar, we will cover the following:

    - Typical per-user spend on Screen Share, Video Conferencing, Presence, and IM tools

    - Why businesses are moving to Unified Communications

    - Features of a Unified Communications system
  • Every year, businesses are making the decision to adopt a Unified Communications platform. Why? The reason is simple – Unified Communications capabilities save companies time and money, and increases productivity.

    Today’s mobile and resource-challenged workers require more freedom and flexibility in how they communicate with their colleagues, teams, partners and customers. Instant Messaging, Presence, Voice and Video Calling, SMS Texting, and Screen Sharing features enable employees to easily connect with their colleagues, partners and customers. Each of these tools have an associated cost, which can add up quickly per user. By removing the a la carte price tags and contracts and rolling all of the tools into one unified platform, both the business and its employees reap the benefits.

    In this webinar, we will cover the following:

    - Typical per-user spend on Screen Share, Video Conferencing, Presence, and IM tools

    - Why businesses are moving to Unified Communications

    - Features of a Unified Communications system
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • What data is needed in order to troubleshoot complex application problems? How can this data be collected off the network? What tools and monitoring methods are necessary to collect, compile, and interpret data into usable and actionable data?

    In this second of four webinars we will show how AANPM makes use of SNMP, NetFlow, and packet-level detail to gain end to end visibility of an application infrastructure.
  • With 40% of time at work spent on administrative chores, inefficient communication is a big problem in business. Find out how to use tech to reduce wasted time in meetings, spend less time in your inbox and improve the way your company collaborates.

    About the presenter: Ray Gillenwater is the Co-founder and CEO of SpeakUp (getspeakup.com) an Enterprise Collaboration platform that enables collaborative problem solving and ideation. A student of Communications and a former executive at BlackBerry, Ray will share his experience and recommendations to help improve communication at your company.
  • Channel
  • Channel profile
  • Retail Security – Closing The Threat Gap Recorded: Jun 12 2014 58 mins
    Attendees will learn:
    •How they can detect key indicators of a threat earlier in the threat kill chain to avoid or limit the financial damage as well as the damage to their reputation.
    •The importance of end point security across your business critical systems, including your POS systems.
    •How implementing critical security controls can make you an unattractive target.
  • How the 20 Controls Address Real Threats Recorded: Jun 11 2014 60 mins
    In this webcast, we will:

    •Discuss how to translate security information into specific and scalable action
    •Describe the remediation plan for the controls, starting with the Top 5
    •Discuss how the Council on CyberSecurity uses a community approach to this translation problem to create and sustain the Critical Security Controls.
    •Discuss how the community will help advise and support your risk management efforts with a formalized framework
  • Heartbleed Outpatient Care: Steps for Secure Recovery Recorded: May 15 2014 48 mins
    In this webcast we will show:

    The Heartbleed vulnerability in detail, how it occurred with examples of how it can be used against your organization
    How you can identify your business exposure and what systems are vulnerable
    How Tripwire’s solutions work together to help you close the detection, remediation and prevention gaps around Heartbleed
  • Insider Threat Kill Chain: Detecting Human Indicators of Compromise Recorded: May 8 2014 34 mins
    In this webinar we will:

    • Discuss how human resources, legal and IT can work together to help prevent insider threats before they become a problem.
    • Identify risk indicators with employee attitudes and behavior and how it correlates to their patterns of activity on your network.
    • Show how you can use log intelligence and security analytics to automate actions and alerts and rapid reporting and forensics.
  • Heartbleed Outpatient Care: Steps for Secure Business Recovery Recorded: Apr 17 2014 57 mins
    In this webcast we will show:
    1. The Heartbleed vulnerability in detail, how it occurred with examples of how it can be used against your organization
    2. How you can identify your business exposure and what systems are vulnerable
    3. How Tripwire’s solutions work together to help you close the detection, remediation and prevention gaps around Heartbleed
  • AAA: Getting Roadside Assistance from Tripwire Recorded: Apr 2 2014 56 mins
    Tim Masey, Director of Enterprise Information Security at AAA, will share his company’s PCI journey.
    In this Q&A-style webcast you will learn:
    •How to move your PCI efforts from a small tactical implementation to a key critical component of your security posture.
    •How to align your compliance efforts with the needs of the business, which will allow you to gain more resources—financial, human and technical.
    •How to utilize security and policy driven dashboards to get your management’s support.
  • How to Restore Trust After a Breach – Middle East Recorded: Mar 13 2014 39 mins
    Jason Clark, CISSP, Tripwire Technical Manager (Middle East), will be sharing how to achieve trust after a data breach in this UK focused webcast, which will cover crucial questions such as:
    •Which systems can be trusted?
    •What is the extent of the compromise?
    •How quickly can you attain situational awareness?
    Jason will also provide participants with a practical, five-step approach to restore trust in your critical systems after a data breach. Register today to join us for this informative webcast.
  • How to Restore Trust After a Breach – DACH Recorded: Mar 5 2014 52 mins
    Tripwire’s Senior Pre-Sales Consultant, Michael Rohse (DACH), will be sharing how to achieve trust after a data breach in this UK focused webcast, which will cover crucial questions such as:
    •Which systems can be trusted?
    •What is the extent of the compromise?
    •How quickly can you attain situational awareness?
    Michael will also provide participants with a practical, five-step approach to restore trust in your critical systems after a data breach. Register today to join us for this informative webcast.
  • How to Restore Trust After a Breach - UK Recorded: Mar 4 2014 57 mins
    In this webcast, Joel Barnes, UK Senior Systems Engineer, will share how best to achieve trust after a data breach. He’ll cover crucial questions, such as: Which systems can be trusted? What is the extent of the compromise? How quickly can you attain situational awareness? He will also provide participants with an approach to restore trust in your critical systems after a data breach, following five steps:
    1.Know what you have and prioritize by risk levels
    2.Define what “good” looks like
    3.Harvest system state information from your production systems
    4.Perform a reference node variance analysis to identify compromised systems
    5.Remove suspect systems from the environment and return to a trustworthy state
    Join us for this informative webcast!
  • How to Restore Trust After a Breach Recorded: Feb 12 2014 56 mins
    In this webcast, Dwayne Melancon, Tripwire’s Chief Technology Officer, will share how best to achieve trust after a data breach. He’ll cover crucial questions, such as: Which systems can be trusted? What is the extent of the compromise? How quickly can you attain situational awareness? He will also provide participants with an approach to restore trust in your critical systems after a data breach, following five steps:
    1.Know what you have and prioritize by risk levels
    2.Define what “good” looks like
    3.Harvest system state information from your production systems
    4.Perform a reference node variance analysis to identify compromised systems
    5.Remove suspect systems from the environment and return to a trustworthy state
    Join us for this informative webcast!
  • Preparing for PCI DSS v3.0: Advice from the QSA Recorded: Jan 22 2014 57 mins
    As a former QSA and currently a security analyst at The 451 Research, Adrian Sanabria will share a frank viewpoint of how the new version of Payment Card Industry standard will affect your organization.

    Join us for this webcast and you will:

    •Obtain the point of view from the QSA
    •Learn how PCI DSS 3.0 may affect your Report on Compliance
    •Understand the job of a QSA and the qualities of a good QSA
    •Learn how Tripwire solutions can make the job of the QSA and the PCI audit process easier
  • Vulnerability Voodoo: The Convergence of Foundational Security Controls Recorded: Dec 17 2013 60 mins
    Charles Kolodgy, Research Vice President for IDC's Security Products service, and Edward Smith, Product Marketing Manager at Tripwire, will discuss:

    •Integrating Vulnerability Management with other security controls to improve compliance and security posture
    •Leveraging Vulnerability Management beyond the server room to reduce risk across the entire enterprise
    •Combining business intelligence from Vulnerability Management with other security controls to make better business decisions
  • PCI DSS 3.0: Don't Shortchange Your PCI Readiness Recorded: Dec 16 2013 60 mins
    Join Jeff Hall, CISSP, CISM, CGEIT, PCI-QSA, PCIP and Senior Security Consultant at FishNet Security and Steve Hall, Director of PCI Solutions at Tripwire, to learn how PCI DSS 3.0 will impact your organization and what you need to do:
    • Understanding key themes for PCI DSS 3.0
    • Making sense of the new requirements, guidance, and clarifications
    • What’s changed, what hasn’t, and what will affect merchants and services providers the most
    • Key considerations to ensure you don’t shortchange your audit preparations
  • Reducing Risk Through Effective Vulnerability Management Recorded: Dec 16 2013 33 mins
    Gavin Millard, Tripwire's EMEA Technical Director, will discuss why effective vulnerability management is critical to measuring, managing and reducing your attack surface and how to gain insight from the information Tripwire can provide.
    Topics covered will include
    • Why asset discovery is fundamental to understanding the size and scope of your extended infrastructure
    • How to gain full visibility into where the most vulnerable areas of the infrastructure reside through Tripwire’s market leading scoring approach
    • How to prioritise the hosts within the infrastructure to quickly reduce the risk and gain control of your attack surface
    • What reporting works with management to connect the value of vulnerability management to the business goals of the organisation
  • 2014 IT Security Budget Mistakes to Avoid Recorded: Nov 6 2013 56 mins
    Often during budget cycles, we’re handed a number – no choice or negotiation – this is just all you get. This year however, there are some positive trends in security budget research from Gartner, IDC, Ponemon, and CEB.

    This webcast will show you how to maximize your leverage of increased security spending, list the top three security budget mistakes and offer ideas that may help connect security to your organization’s bottom line.

    Tune in to hear:
    • Positive security budget trends and how to use them to increase your 2014 budget
    • Technology trends and their impact on your security budget
    • Budget presentation ideas for the C-Suite
  • Avoiding Vulnerability Info Overload: How to Prioritize and Respond to Risk Recorded: Oct 16 2013 32 mins
    Lamar Bailey, Tripwire's Director of the Vulnerability & Exposure Research team will provide you with a better understanding of:
    - Why is the Tripwire Vulnerability scoring so granular?
    - How do we arrive at those scores and why not just use CVSS?
    - What do you mean by business context of measuring risk?
    - How will it help us be more efficient managing risk?
  • Using the SANS Top 4 Controls to Measure and Reduce your Attack Surface Recorded: Oct 4 2013 36 mins
    Please accept our apologies for the technical difficulties encountered with this webinar on Monday. This is now due to take place on Friday 4th October.

    This hour-long webinar, hosted by Gavin Millard, Tripwire's EMEA Technical Director, will discuss:
    • Using the SANS critical controls to understand and reduce your infrastructures attack surface
    • Profiles of the current ‘threat actors’ and how the 20 CSC can help thwart the most common threats
    • How to measure the effectiveness of controls through metrics to ensure success and investment from the business
  • Strategic Vulnerability Management: Go Beyond Scanning Recorded: Sep 23 2013 55 mins
    Join Rick Holland, Forrester Senior Analyst, and Edward Smith, Product Marketing Manager at Tripwire, to learn how to go beyond scanning to a strategic vulnerability management program.
    In this webcast you’ll learn how a strategic VM program can help you:
    • Go from counting vulnerabilities to accurately measuring, managing, and communicating risk.
    • Understand and classify the assets and vulnerabilities in your environment
    • Triage remediation efforts for more efficient operations

    We hope you will join us.
  • CyberSecurity Awareness and the SANS 20 CSCs Recorded: Sep 12 2013 62 mins
    Join us for this conversational webinar featuring Jane Holl Lute, the new CEO of the Council on Cybersecurity, as she shares her thoughts on the rapidly evolving world of cybersecurity.

    In this webinar, you will learn:
    * How the Council on CyberSecurity will be influencing cybersecurity, the SANS 20 CSC, and how it may affect your organization
    *Suggestions from Jane's experience on threat actors
    *Value your organization may gain from upcoming activities and events involving Council on CyberSecurity
  • TLC 7.0: Creating Confidence through Improved Log Intelligence Recorded: Aug 26 2013 40 mins
    As Security Management solutions evolve to address today’s environment of complex security threats, the need for a log intelligence layer has emerged to provide high speed analysis and filtering of log and event data.

    In this webcast, Steve Hall, Director, Product & Solution Marketing at Tripwire, discusses what’s new with Tripwire Log Center: including the new Advanced Log Collector VIA Agent and the integration of iP360, which intelligently protects critical infrastructure with the correlation of SANS top four security controls.
Leading Provider of IT Security and Compliance Automation Solutions
Tripwire’s powerful IT security and compliance automation solutions help businesses and government agencies take control of their IT infrastructure.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How a Grocery Chain Turned Compliance Checkboxes into IT Security
  • Live at: Dec 8 2011 6:00 pm
  • Presented by: Michael Thelander and Alex Cox of Tripwire
  • From:
Your email has been sent.
or close
You must be logged in to email this