Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2018

Making Continuous HIPAA Compliance Easy with ExpertOps

Healthcare organizations continue to face relentless cyberattacks owing to the immense value placed on patient health information on the dark web. Patient records have almost everything the attacker needs to carry out sophisticated insurance fraud schemes, purchase medical supplies or drugs, or commit other types of fraud including outright identity theft.

Securing the Build Environment: A 'Critical' Component of Container Security

As I noted in a previous article, the build environment is a key area on which organizations should focus their container security efforts. Companies don’t usually think of the build environment when it comes to securing their containers. But it’s critical that they do.

Infosecurity Europe Survey: Security Professionals Gearing up for Rise in Nation-State Attacks

In the midst of some of the most interesting times in geopolitical history, Tripwire wanted to see how the infosec community is currently feeling about nation-state attacks. It thus decided to conduct a survey while at Infosecurity Europe 2018 in London. Specifically, Tripwire surveyed 416 attendees to see what the future of nation-state attacks might look like.

ICS Security in a Nutshell: Common Challenges and How Tripwire Can Help Overcome Them

Industrial control systems (ICS) first proliferated at a time when cybersecurity didn’t weigh heavily on organizations’ minds. Since then, there have been two significant developments in the industry. First, cybersecurity has become a mission-critical concern for businesses everywhere. Second, there’s been a shift to new network technologies that improve data collection, efficiency and time-to-market.

8 Steps for a Successful DevOps Transition

Organizations stand to gain a lot from transitioning to a DevOps software development model. Switching to DevOps leads to quicker problem solving, increased employee engagement, and more time for innovation. That’s assuming a transition is successful, however. Enterprises can run into various problems along the way, including inadequately measured risk, which could spell trouble down the road. Fortunately, none of these problems are inevitable if you approach the DevOps transition methodically.

Cybersecurity: Protecting All the Endpoints

Network security is an issue that is increasingly important as businesses and even households shift more workflow processes and key tasks to the network and into the cloud. While some users may find it a challenge to protect even a single digital device, keeping an entire network secure can be a tall order for even the most tech-savvy users.

Electronics Retailer Confirms Breach Attempt of 5.9M Payment Cards

A consumer electronics retailer has confirmed a data breach attempt to compromise the details of 5.9 million payment cards. On 13 June, Dixons Carphone released a notice disclosing its investigation into an instance of unauthorized data access. The company came across the suspicious activity while reviewing its systems and data. Subsequently, it contacted security experts to help determine what happened.

2 Strategies to Tighten Your Cloud Security

Creating a thorough and effective security program is difficult enough when your data is stored on-premises. But most organizations and agencies straddle hybridized on-prem and cloud environments—or they’re cloud-native entirely. This complicates the role of cybersecurity teams who now need tools that can traverse multiple environments without missing a beat.

What Is Integrity Management?

If you’ve been in information security for a while, you’ve likely had some experience with file integrity monitoring (FIM). It’s a capability with a long history, going back to the original open-source Tripwire tool for monitoring file hashes. And FIM has staying power. It’s still around, and there are still new deployments. There aren’t a lot of security controls that continue to be valuable over such a long time frame.

Tripwire Enterprise Demo: Improving your policy and compliance program

Tripwire Enterprise evaluates your systems to ensure compliance with security standards like PCI, NIST, CIS and ISO. It works with over 800 policy and platform combinations and allows you to create new policy content based on your organizational standards. Clear and understandable dashboarding provides visualization for compliance stakeholders. Watch this video for a demonstration of fast, accurate SCM in action with Tripwire Enterprise.