We just raised a $30M Series A: Read our story

Tripwire IP360 OverviewUNIXBusinessApplication

Tripwire IP360 is the #10 ranked solution in our list of top Vulnerability Management tools. It is most often compared to Tenable Nessus: Tripwire IP360 vs Tenable Nessus

What is Tripwire IP360?

Tripwire IP360 delivers risk-based vulnerability assessment and asset discovery capabilities. With IP360, you get:

  • Comprehensive discovery and profiling of all network assets.
  • Highly scalable architecture with low network impact.
  • Advanced vulnerability scoring that identifies top risks.
  • Prioritized change results when used with Tripwire Enterprise.

Tripwire IP360 is also known as IP360.

Buyer's Guide

Download the Vulnerability Management Buyer's Guide including reviews and more. Updated: October 2021

Tripwire IP360 Customers

State of Iowa, State of Minnesota, U.S. Cellular

Tripwire IP360 Video

Archived Tripwire IP360 Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
CH
Senior IT Auditor at a retailer with 10,001+ employees
Real User
We previously used another solution and switched because we wanted something that was more robust.

What is our primary use case?

It gives us reports on vulnerabilities.

How has it helped my organization?

They keep expanding what the solution is checking.

What is most valuable?

Ensures we know which vulnerabilities that we are exposed to.

What needs improvement?

We would like to have better reporting capabilities and for them to be more granular.

What do I think about the stability of the solution?

It seems very stable.

What do I think about the scalability of the solution?

It seems very stable.

How are customer service and technical support?

I haven't heard any complaints.

Which solution did I use previously and why did I switch?

We did use another solution previously. We switched because we wanted something that was more robust.

How was the initial

What is our primary use case?

It gives us reports on vulnerabilities.

How has it helped my organization?

They keep expanding what the solution is checking.

What is most valuable?

Ensures we know which vulnerabilities that we are exposed to.

What needs improvement?

We would like to have better reporting capabilities and for them to be more granular.

What do I think about the stability of the solution?

It seems very stable.

What do I think about the scalability of the solution?

It seems very stable.

How are customer service and technical support?

I haven't heard any complaints.

Which solution did I use previously and why did I switch?

We did use another solution previously. We switched because we wanted something that was more robust.

How was the initial setup?

The initial setup was slightly complex because there was some customization. 

What about the implementation team?

We used a consultant for deployment.

What was our ROI?

It has helped increase staff productivity.

Which other solutions did I evaluate?

The company probably chose this solution because they thought that they would be getting the best bang for their buck.

What other advice do I have?

We use it identify vulnerabilities.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
LK
Pre-Sales Specialist at a tech services company with 51-200 employees
Reseller
A mature and evolving solution that has become the pinnacle point for anything that enters the network

Pros and Cons

  • "It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
  • "The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."

What is our primary use case?

We have multiple uses for this solution, we use it for breakouts and early detection. We use it much more for security rather than for compliance on policies. Then it's more about the whole infrastructure, early detection, file integrity management, and everything else.

How has it helped my organization?

It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed. 

What is most valuable?

The most valuable feature would be the command app to control feature. It's not hugely utilized. It can go a lot further. It can be used a lot more because it can drift over into spaces from telephoning, where you have certificate expiry and it's easy with a couple of scripts to control expiry or certificates for everything else for outages with a call center solution. There are multiple areas where the product can quickly adapt by using upper command control to immediately solve a lot of issues where you don't need to look at other products.

What needs improvement?

The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Highly stable with excellent support.

What do I think about the scalability of the solution?

In terms of scalability, it's one of the most mature solutions. It's highly scalable and we mostly deal with large sectors like ISPs, banks, and telecommunications agencies so all of the solutions are highly scalable.

How are customer service and technical support?

Their technical support is better than excellent. 

How was the initial setup?

The initial setup is more complex than other products but absolutely the most mature one that I've dealt with. Tripwire is one of the most mature in terms of companies, suites, support, everything, much more than any other product. Deployment is dependent on organizational size so it's hard to say but it took around one to two weeks plus there will be a lot of follow up on skill transfer and training which is certainly another growth area. 

What was our ROI?

We have most definitely seen ROI. Especially in the banking sectors and, most definitely, with telecommunications as well.

What's my experience with pricing, setup cost, and licensing?

It's more expensive but also more superior. I've had a lot of cases where I opted for something similar which they normally have and some other kind of products but they always fall short and it doesn't do so I know of a release of more than two different products have been deployed that have failed and are not being used anymore.

Which other solutions did I evaluate?

I do constant research into solutions available on the market. I've got my own battle sheets which I know the ins and outs of each product available on the market. It's different from what Gartner says because Gartner runs around with Fortune 500 and large organizations, where it's different in South Africa, in a much smaller market.

What other advice do I have?

I would advise you to do your homework when considering this solution. 

I would definitely rate it a ten, it's one of the most mature solutions and is constantly evolving. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Find out what your peers are saying about Tripwire, Tenable Network Security, Acunetix and others in Vulnerability Management. Updated: October 2021.
542,721 professionals have used our research since 2012.
it_user701499
Vulnerability and Security Configuration Resource at a transportation company with 10,001+ employees
Vendor
Given the audit report, you are able to investigate how the vulnerability is triggered, along with all the other information surrounding the vulnerability.

What is most valuable?

The most valuable feature of the product is reporting on an audit after a vulnerability scan is completed, and furthermore, the details that the audit report provides.

Given the audit report, you are able to investigate how the vulnerability is triggered, along with all the other information surrounding the vulnerability.

How has it helped my organization?

This product detects vulnerabilities which exist in the environment, and provides enough information that allows for remediation, thereby securing the environment.

After remediation is completed, executing another scan allows us to check if the remediation has been performed properly.

What needs improvement?

For IP360, unfortunately, scans for certain vulnerabilities often cause issues, as they are mainly false positive.

For instance, scanning Microsoft OS patches often leads to false positives, since they will identify patches that are missing, yet these missing patches are often superseded by newer patches that have been applied.

There are several more recommendations I could make, too.

For how long have I used the solution?

We have been using the solution for 11 months.

What do I think about the stability of the solution?

There were a few minor hiccups concerning scanners going down, but this does not happen often.

What do I think about the scalability of the solution?

We had a scalability issue when we scheduled multiple scans to occur in a specific time frame, and there have been instances where these scheduled scans do not complete on time.

However, most of the time, the scheduled scans complete on time.

How are customer service and technical support?

Technical support was hardly required for IP360.

Which solution did I use previously and why did I switch?

I have not previously used a different solution.

How was the initial setup?

I did not do any initial setup, as it was already prepared.

What's my experience with pricing, setup cost, and licensing?

I cannot advise others on this issue.

Which other solutions did I evaluate?

I did not make any evaluation on what products to use.

What other advice do I have?

This tool is only great for reviewing identified vulnerabilities and verifying remediation, but not vulnerability tracking or reporting.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user507300
Senior IT Security Analyst at a retailer with 1,001-5,000 employees
Vendor
It can schedule and run vulnerability scans as needed.

What is most valuable?

It’s most valuable feature is the ability to schedule and run vulnerability scans as needed.

How has it helped my organization?

It has enhanced the security program by ensuring that all external-facing systems are scanned on a routine basis.

What needs improvement?

There are inconsistencies in some of the vulnerability findings when compared to similar tools. For example, a recent scan didn’t turn up any vulnerabilities related to SSL but when I used another tool, it found those vulnerabilities, which after some investigating were valid.

For how long have I used the solution?

I have used it for 2.5 years.

What do I think about the stability of the solution?

I have not encountered any stability issues.

What do I think about the scalability of the solution?

I have not encountered any scalability issues.

How are customer service and technical support?

Tripwire’s technical support has always been excellent.

Which solution did I use previously and why did I switch?

I did not previously use a different solution, but next year I will be switching to a different cloud-based, security-as-a-service solution.

How was the initial setup?

It is a cloud-based tool, so there wasn’t anything to configure.

What's my experience with pricing, setup cost, and licensing?

The pricing is definitely the most affordable in the market.

Which other solutions did I evaluate?

I evaluated similar products from BeyondTrust and Qualys.

What other advice do I have?

If you are looking for affordability, this is a great deal. If you are looking for better reporting capabilities and vulnerability tracking over time for remediation purposes, then this is not the best solution.

My rating reflects the product being used purely for PCI ASV scans. If used for perimeter-only scanning, I would rate this tool lower.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Vulnerability Management
Buyer's Guide
Download our free Vulnerability Management Report and find out what your peers are saying about Tripwire, Tenable Network Security, Acunetix, and more!