|
By Tyler Reguly
Recently, I looked at Microsoft’s assigned CVSS v3.1 scores for Patch Tuesday vulnerabilities alongside the Microsoft assigned severity ratings. I wanted to revisit these numbers and see just how closely CVSS aligns with Microsoft’s opinion of severity. Disclaimer: I’m aware that CVSS v4.0 exists. However, Microsoft has not yet adopted it, and I wanted an apples-to-apples comparison.
|
By Matthew Jerzewski
Knowing who has credentials, how those credentials are granted, and how they are being used is the foundation of any secure environment. It begins with user accounts and the credentials they use. Maintaining a thorough inventory of all accounts and verifying any changes to those accounts as authorized and intentional vs unintended is paramount to establishing a secure environment, and this includes service accounts.
|
By Josh Breaker-Rolfe
Security Operations Center (SOC) analysts have it rough. Modern security tools generate an extraordinary number of alerts, attackers are more sophisticated than ever, and IT infrastructures are unprecedentedly complex. As a result, analysts are overwhelmed with workload and alerts, making it near-impossible to make intelligent, informed decisions. Fortunately, artificial intelligence (AI) is helping to ease the strain. Let’s look at how.
|
By Michael Betti
The energy sector is the cornerstone of modern infrastructure, powering essential services and supporting the daily operations of economies worldwide. However, it also faces unique cybersecurity challenges, particularly in complying with the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) standards.
|
By Josh Breaker-Rolfe
NASA is about to introduce new requirements for its contractors. These requirements will dramatically improve the cybersecurity of spacecraft and the US’ resilience to cyber threats. But what do these requirements mean for spacecraft manufacturers? What challenges will they face? And what will they need to do to comply? Keep reading to find out.
|
By Graham Cluley
Medusa is a ransomware-as-a-service (RaaS) platform that first came to prominence in 2023. The ransomware impacts organisations running Windows, predominantly exploiting vulnerable and unpatched systems and hijacking accounts through initial access brokers.
|
By Matthew Jerzewski
CIS Control 6 merges some aspects of CIS Control 4 (admin privileges) and CIS Control 14 (access on a need-to-know basis) into a single access control management group. Access control management is a critical component in maintaining information and system security, restricting access to assets based on role and need. It is important to grant, refuse, and remove access in a standardized, timely, and repeatable way across an entire organization.
|
By David Henderson
Fortra’s Tripwire has always been widely known as a File Integrity Monitoring (FIM) solution, and a very good one at that. The good news is that it still is - only when you look closely, it’s a lot more. And it always has been. Besides its traditionally known role as an integrity and security configuration management tool, Tripwire’s powerful capabilities make it a comprehensive cybersecurity solution.
|
By Joseph Chukwube
Remote work isn’t just a temporary trend anymore; it has become a permanent fixture. What began as a quick response during the pandemic has evolved into the new normal for businesses worldwide. In America, 20% of people now work from home. While this has its advantages (flexibility for workers and cost savings for businesses), it’s not without its complications, having cracked open a host of issues around cybersecurity and regulatory compliance.
|
By PJ Bradley
Organizations of all types must consider and prioritize cybersecurity in order to protect against a wide range of attacks and prevent potentially catastrophic consequences. With the evolution of the threat landscape and most businesses relying more and more on technological pillars for everyday operations, cyberattacks can have impacts that extend far beyond monetary losses. However, the financial cost alone is staggering, highlighting the pressing need for improved cybersecurity across the board.
|
By Tripwire
Tripwire Enterprise provides powerful integrity monitoring at your fingertips. Discover six ways Fortra's Tripwire Enterprise can help you uplevel your security and compliance program.
|
By Tripwire
Check out the on-demand recording of our first Tripwire/Belden Industrial Security Pub Talk. You'll hear a panel of industry experts weigh in on questions.
|
By Tripwire
Join cybersecurity experts Tim Erlin and Dr. Ed Amoroso for a on-demand discussion around the current ransomware threat landscape and techniques you can use to stay a step ahead of ransomware attacks.
|
By Tripwire
Join Anthony Israel Davis as he looks at how compliance compliments a security program, the differences between security and compliance, and tips for how you can build a program that is both secure and audit-ready
|
By Tripwire
Join Tripwire’s Mike Betti and Brian Cusack a panel webcast where they walk you through common use cases to show how worthwhile an investment in the 20 CIS Controls can be.
|
By Tripwire
Let us help you sharpen your Tripwire Enterprise operational know-how with this session of the Tripwire Tips and Tricks: Change Reconciliation. Sales engineer Mike Betti will teach you how it can be used to.
|
By Tripwire
Tripwire Change Analyzer automates the verification and promotion of “known good” and business as usual changes that are the result of software updates, upgrades, and patches, saving IT organizations time, reducing human error, and increasing efficiency. Tripwire Change Analyzer also works in concert with Tripwire Enterprise to deliver alert notifications and granular details needed for rapid response when unexpected, unauthorized, or high-risk changes are detected. Check out this quick start tutorial video on how to get started with using Tripwire Change Analyzer.
|
By Tripwire
Tripwire Change Analyzer automates the verification and promotion of “known good” and business as usual changes that are the result of software updates, upgrades, and patches, saving IT organizations time, reducing human error, and increasing efficiency. Tripwire Change Analyzer also works in concert with Tripwire Enterprise to deliver alert notifications and granular details needed for rapid response when unexpected, unauthorized, or high-risk changes are detected. Check out this quick start tutorial video on how to get started with using Tripwire Change Analyzer.
|
By Tripwire
IT and OT environments are increasingly interconnected, presenting the need for cybersecurity specialists to secure devices across multiple landscapes. By collecting and contextualizing data across your environments, Tripwire can help to monitor your complex systems and achieve a more robust cybersecurity posture.
|
By Tripwire
In this episode, Ian Thornton-Trump, CISO at Cyjax, digests nation state's disinformation campaigns and the cybersecurity landscape. He also discusses the role disinformation on social media plays in cybersecurity.
|
By Tripwire
Learn how to use security File Integrity Monitoring effectively and strategically in your organization.
|
By Tripwire
Achieving DevOps security is as much a cultural effort as it is a technical one, and quality gates present the perfect opportunity to bridge the gap. Because they function within the bounds of regular DevOps processes, tools that bake security into the CI/CD pipeline by way of quality gates are more likely to win DevOps teams over.
|
By Tripwire
Learn how Log Management can complement SIEM, Security Analytics and Big Data tools within your organization.
|
By Tripwire
Your 10-point DevOps Aligning DevOps and security is more than a matter of getting the right tools in place-it requires a cultural overhaul, too. That means taking a holistic approach to security that makes room for extra training and communication, as well as security tools designed specifically for DevOps. checklist.
|
By Tripwire
Given the challenges facing those responsible for securing enterprise computing environments, there is no better time to have the integrity talk.
- January 2025 (20)
- December 2024 (25)
- November 2024 (27)
- October 2024 (26)
- September 2024 (26)
- August 2024 (24)
- July 2024 (27)
- June 2024 (27)
- May 2024 (24)
- April 2024 (26)
- March 2024 (22)
- February 2024 (26)
- January 2024 (29)
- December 2023 (22)
- November 2023 (29)
- October 2023 (28)
- September 2023 (27)
- August 2023 (33)
- July 2023 (29)
- June 2023 (31)
- May 2023 (34)
- April 2023 (25)
- March 2023 (28)
- February 2023 (28)
- January 2023 (28)
- December 2022 (25)
- November 2022 (34)
- October 2022 (22)
- September 2022 (25)
- August 2022 (27)
- July 2022 (25)
- June 2022 (25)
- May 2022 (24)
- April 2022 (22)
- March 2022 (31)
- February 2022 (26)
- January 2022 (28)
- December 2021 (34)
- November 2021 (28)
- October 2021 (28)
- September 2021 (31)
- August 2021 (28)
- July 2021 (26)
- June 2021 (24)
- May 2021 (30)
- April 2021 (27)
- March 2021 (29)
- February 2021 (18)
- January 2021 (21)
- December 2020 (26)
- November 2020 (25)
- October 2020 (25)
- September 2020 (25)
- August 2020 (27)
- July 2020 (33)
- June 2020 (30)
- May 2020 (38)
- April 2020 (27)
- March 2020 (33)
- February 2020 (28)
- January 2020 (27)
- December 2019 (32)
- November 2019 (27)
- October 2019 (34)
- September 2019 (27)
- August 2019 (37)
- July 2019 (30)
- June 2019 (23)
- May 2019 (19)
- April 2019 (12)
- March 2019 (16)
- February 2019 (15)
- January 2019 (15)
- December 2018 (13)
- November 2018 (17)
- October 2018 (15)
- September 2018 (8)
- August 2018 (13)
- July 2018 (8)
- June 2018 (13)
- May 2018 (6)
- April 2018 (3)
- March 2018 (7)
- February 2018 (5)
- January 2018 (2)
Tripwire is a leading provider of integrity assurance solutions that drive security, compliance and operational excellence. As the inventor of file integrity monitoring (FIM), Tripwire has a 20-year history of innovation. Tripwire’s award-winning portfolio includes configuration management, file integrity management, asset discovery, vulnerability management and log collection.
Stop Attacks, Upgrade Operations and Prove Compliance:
- Monitor system integrity: Tripwire’s industry-leading FIM detects changes on assets across your enterprise, from on-premise data center to public cloud, and remediate them to a known and trusted state. Know who changed your systems with Tripwire Enterprise FIM.
- Manage network vulnerabilities: Discover and profile all assets on your network with Tripwire IP360. Minimize manual effort through integration with your existing tools and processes. Get complete asset discovery with Tripwire’s easy system remediation.
- Automate regulatory compliance: Reduce audit workload by leveraging the most extensive policy library in the industry. Automate workflows to achieve and maintain compliance over time with monitoring, audit evidence and reports.
- Maximize operations uptime: Detect, audit and validate changes across your network to flag unauthorized changes for investigation, reduce unplanned work and speed up MTTR when incidents occur.
Protect against cyberattacks with the industry’s best foundational security controls. Detect threats, identify vulnerabilities, and harden configurations in real time with Tripwire.