Tripwire, a global provider of advanced threat, security and compliance solutions, has announced comprehensive point-of-sale security solution designed specifically to defend against cyber attacks directed at point-of-sale (POS) devices.
A vast amount of consumer credit card data is stolen through sophisticated cyber attacks against POS equipment. Tripwire POS Threat Protection delivers 35 new policies and 55 new tests designed to detect specific POS security threats, including common weaknesses and exploitable configuration settings that are frequently used by cyber attackers to access POS devices and customer credit card data.
The new policies detect and notify IT security teams when POS devices, servers and payment card network infrastructure experience specific changes that leave them susceptible to compromise.
Tripwire POS Threat Protection defends against a wide variety of brute force and malware attacks, including specific variants of RAM scraping malware. RAM scrapers are commonly used in POS cyberattacks, including: BlackPOS, Alina and Trackr, MalumPOS and vSkimmer.
"Retailers require both preventative and detective controls. In order to mitigate the most sophisticated cyber attacks, retailers need to harden their environment as well as decrease the mean-time-to-resolution when there is an incident. Tripwire's latest POS solutions are based on recommendations from industry leaders and actual attack data, a unique approach designed to solve both of these problems," said Ken Westin, senior security analyst for Tripwire.
Pressure on merchants to secure their POS environments continues to mount. According to Verizon's 2015 Data Breach Investigations Report, attacks on POS systems continue to be the top source of confirmed data breaches, and a majority of breaches take weeks or months to be detected.