|
By Graham Cluley
Companies are being warned that malicious hackers are using a novel technique to break into businesses - by pretending to offer audits of the company's cybersecurity. With ransomware and other cybersecurity threats high in the mind of many business owners, it is all too easy to imagine how many companies might react positively to an invitation to have the security of their networks tested.
|
By Mieng Lim
Many organizations have a vulnerability management (VM) problem without knowing it. Vulnerability management is a crucial component of any organization’s cybersecurity program and is required by most major compliance standards because of its sink-or-swim impact on network security. One of the biggest issues in VM is that organizations aren’t testing the entirety of their networks. Could yours be among them?
|
By Matthew Jerzewski
The latest version of the CIS Controls was released in June 2024. The new version, 8.1, introduces some minor updates via design principles. With these changes in design principles, CIS Controls v8.1 has made updates to the following: The most notable improvement for the CIS Controls v8.1 is the addition of “Governance” as a security function. CIS states, “Effective governance provides the structure needed to steer a cybersecurity program toward achieving their enterprise goals.”
|
By Katrina Thompson
The original NIS Directive came into force in 2016 as the EU’s first comprehensive law governing cybersecurity in member states. As part of its key policy objective to make Europe “fit for the digital age,” the European Commission proposed in December 2020 that NIS be revised, and NIS2 entered into force in January of 2023. Member states were required to transpose it into law by October 17, 2024.
|
By Josh Breaker-Rolfe
Last November, the Open Web Application Security Project (OWASP) released its Top Ten List for LLMs and Gen AI Applications 2025, making some significant updates from its 2023 iteration. These updates can tell us a great deal about how the LLM threat and vulnerability landscape is evolving - and what organizations need to do to protect themselves.
|
By Anirudh Chand
Late last year, Australia’s Cyber Security Act 2024 received Royal Assent and became Law. It was a huge moment for cybersecurity legislation in Australia, serving as the country’s first-ever standalone cybersecurity law, addressing key legislative gaps, and bringing the country in line with international best practices. But what’s included in the Act? And what does it mean for businesses? Keep reading to find out.
|
By Josh Breaker-Rolfe
The manufacturing sector has long been a favorite target for ransomware actors. However, the true scale of the issue has only recently become apparent: research published in Infosecurity Magazine last December revealed that ransomware attacks on manufacturing companies have caused an estimated $17bn in downtime since 2018. But why is the manufacturing sector so vulnerable? And what can organizations do to protect themselves? Keep reading to find out.
|
By Chester Avey
Electricity transmission and distribution are popular topics at the moment, especially as they pertain to utilities infrastructure security. These essential pillars of modern society are undergoing rapid digital transformation, with increased connectivity and technological sophistication harboring large-scale cybersecurity challenges.
|
By Kirsten Doyle
In December 2024, Malaysia passed its Data Sharing Bill 2024, a new piece of legislation aimed at streamlining data-sharing across federal government agencies. This bill promises to revolutionize how data is managed, shared, and secured within Malaysia's government, fueling a more efficient, innovative, and secure public sector.
|
By Matthew Jerzewski
Since 2008, the CIS Controls have been through many iterations of refinement and improvement leading up to what we are presented with today in CIS Controls version 8.1. CIS Controls reflect the combined knowledge of experts from every part of the ecosystem (companies, governments, and individuals). The controls reflect consideration by people in many different roles, such as threat analysts, incident responders, solution providers, policy-makers, and more.
|
By Tripwire
Tripwire Enterprise provides powerful integrity monitoring at your fingertips. Discover six ways Fortra's Tripwire Enterprise can help you uplevel your security and compliance program.
|
By Tripwire
Check out the on-demand recording of our first Tripwire/Belden Industrial Security Pub Talk. You'll hear a panel of industry experts weigh in on questions.
|
By Tripwire
Join cybersecurity experts Tim Erlin and Dr. Ed Amoroso for a on-demand discussion around the current ransomware threat landscape and techniques you can use to stay a step ahead of ransomware attacks.
|
By Tripwire
Join Anthony Israel Davis as he looks at how compliance compliments a security program, the differences between security and compliance, and tips for how you can build a program that is both secure and audit-ready
|
By Tripwire
Join Tripwire’s Mike Betti and Brian Cusack a panel webcast where they walk you through common use cases to show how worthwhile an investment in the 20 CIS Controls can be.
|
By Tripwire
Let us help you sharpen your Tripwire Enterprise operational know-how with this session of the Tripwire Tips and Tricks: Change Reconciliation. Sales engineer Mike Betti will teach you how it can be used to.
|
By Tripwire
Tripwire Change Analyzer automates the verification and promotion of “known good” and business as usual changes that are the result of software updates, upgrades, and patches, saving IT organizations time, reducing human error, and increasing efficiency. Tripwire Change Analyzer also works in concert with Tripwire Enterprise to deliver alert notifications and granular details needed for rapid response when unexpected, unauthorized, or high-risk changes are detected. Check out this quick start tutorial video on how to get started with using Tripwire Change Analyzer.
|
By Tripwire
Tripwire Change Analyzer automates the verification and promotion of “known good” and business as usual changes that are the result of software updates, upgrades, and patches, saving IT organizations time, reducing human error, and increasing efficiency. Tripwire Change Analyzer also works in concert with Tripwire Enterprise to deliver alert notifications and granular details needed for rapid response when unexpected, unauthorized, or high-risk changes are detected. Check out this quick start tutorial video on how to get started with using Tripwire Change Analyzer.
|
By Tripwire
IT and OT environments are increasingly interconnected, presenting the need for cybersecurity specialists to secure devices across multiple landscapes. By collecting and contextualizing data across your environments, Tripwire can help to monitor your complex systems and achieve a more robust cybersecurity posture.
|
By Tripwire
In this episode, Ian Thornton-Trump, CISO at Cyjax, digests nation state's disinformation campaigns and the cybersecurity landscape. He also discusses the role disinformation on social media plays in cybersecurity.
|
By Tripwire
Learn how to use security File Integrity Monitoring effectively and strategically in your organization.
|
By Tripwire
Achieving DevOps security is as much a cultural effort as it is a technical one, and quality gates present the perfect opportunity to bridge the gap. Because they function within the bounds of regular DevOps processes, tools that bake security into the CI/CD pipeline by way of quality gates are more likely to win DevOps teams over.
|
By Tripwire
Learn how Log Management can complement SIEM, Security Analytics and Big Data tools within your organization.
|
By Tripwire
Your 10-point DevOps Aligning DevOps and security is more than a matter of getting the right tools in place-it requires a cultural overhaul, too. That means taking a holistic approach to security that makes room for extra training and communication, as well as security tools designed specifically for DevOps. checklist.
|
By Tripwire
Given the challenges facing those responsible for securing enterprise computing environments, there is no better time to have the integrity talk.
- February 2025 (27)
- January 2025 (27)
- December 2024 (25)
- November 2024 (27)
- October 2024 (26)
- September 2024 (26)
- August 2024 (24)
- July 2024 (27)
- June 2024 (27)
- May 2024 (24)
- April 2024 (26)
- March 2024 (22)
- February 2024 (26)
- January 2024 (29)
- December 2023 (22)
- November 2023 (29)
- October 2023 (28)
- September 2023 (27)
- August 2023 (33)
- July 2023 (29)
- June 2023 (31)
- May 2023 (34)
- April 2023 (25)
- March 2023 (28)
- February 2023 (28)
- January 2023 (28)
- December 2022 (25)
- November 2022 (34)
- October 2022 (22)
- September 2022 (25)
- August 2022 (27)
- July 2022 (25)
- June 2022 (25)
- May 2022 (24)
- April 2022 (22)
- March 2022 (31)
- February 2022 (26)
- January 2022 (28)
- December 2021 (34)
- November 2021 (28)
- October 2021 (28)
- September 2021 (31)
- August 2021 (28)
- July 2021 (26)
- June 2021 (24)
- May 2021 (30)
- April 2021 (27)
- March 2021 (29)
- February 2021 (18)
- January 2021 (21)
- December 2020 (26)
- November 2020 (25)
- October 2020 (25)
- September 2020 (25)
- August 2020 (27)
- July 2020 (33)
- June 2020 (30)
- May 2020 (38)
- April 2020 (27)
- March 2020 (33)
- February 2020 (28)
- January 2020 (27)
- December 2019 (32)
- November 2019 (27)
- October 2019 (34)
- September 2019 (27)
- August 2019 (37)
- July 2019 (30)
- June 2019 (23)
- May 2019 (19)
- April 2019 (12)
- March 2019 (16)
- February 2019 (15)
- January 2019 (15)
- December 2018 (13)
- November 2018 (17)
- October 2018 (15)
- September 2018 (8)
- August 2018 (13)
- July 2018 (8)
- June 2018 (13)
- May 2018 (6)
- April 2018 (3)
- March 2018 (7)
- February 2018 (5)
- January 2018 (2)
Tripwire is a leading provider of integrity assurance solutions that drive security, compliance and operational excellence. As the inventor of file integrity monitoring (FIM), Tripwire has a 20-year history of innovation. Tripwire’s award-winning portfolio includes configuration management, file integrity management, asset discovery, vulnerability management and log collection.
Stop Attacks, Upgrade Operations and Prove Compliance:
- Monitor system integrity: Tripwire’s industry-leading FIM detects changes on assets across your enterprise, from on-premise data center to public cloud, and remediate them to a known and trusted state. Know who changed your systems with Tripwire Enterprise FIM.
- Manage network vulnerabilities: Discover and profile all assets on your network with Tripwire IP360. Minimize manual effort through integration with your existing tools and processes. Get complete asset discovery with Tripwire’s easy system remediation.
- Automate regulatory compliance: Reduce audit workload by leveraging the most extensive policy library in the industry. Automate workflows to achieve and maintain compliance over time with monitoring, audit evidence and reports.
- Maximize operations uptime: Detect, audit and validate changes across your network to flag unauthorized changes for investigation, reduce unplanned work and speed up MTTR when incidents occur.
Protect against cyberattacks with the industry’s best foundational security controls. Detect threats, identify vulnerabilities, and harden configurations in real time with Tripwire.