|
By Josh Breaker-Rolfe
Earlier this year, the UK’s National Cyber Security Centre (NCSC) released its annual review for 2025. The report reveals the troubling reality of the modern threat landscape and, crucially, how the NCSC recommends organizations and the wider security ecosystem shield themselves from it. Let’s dive in.
|
By Kirsten Doyle
Many don’t question what they share online. Others think, what could possibly happen? The answer: “plenty.” We all leave traces. A birthday photo here, a check-in there, a proud post about a promotion. None of it seems dangerous on its own, but online, fragments add up. Each click, tag, or comment starts to paint a fuller picture: one more detailed than most of us know, or would like.
|
By Josh Breaker-Rolfe
Ransomware attacks can ripple through supply chains, causing serious disruption and massive financial consequences for multiple businesses in one fell swoop. As such, CISOs are spending more time considering how to keep operations secure as ecosystems span across dozens, if not hundreds, of vendors, contractors, and digital dependencies. With this in mind, the UK government has released a strategic framework to help organizations secure their supply chains. Let’s explore that guidance.
|
By Guest Authors
PCI DSS compliance is often seen as a one-off task, that is, you do the audit, implement controls, and then move on. But then there comes the problem - systems aren’t static, meaning that files, scripts, and configurations change constantly, and even small untracked changes can create gaps that lead to non-compliance or security issues. This is where File Integrity Monitoring (FIM) comes in.
|
By Chris Hudson
According to a new Ponemon study, weak file protections now account for several cybersecurity incidents a year for many organizations. Unsafe file-sharing practices, malicious vendor files, weak access controls, and obscured file activity are largely to blame. File Integrity Monitoring (FIM) could be the solution.
|
By Guest Authors
Remote work is no longer a contingency – it’s the operating norm. Yet the security posture for that work often leans on virtual desktops as a default, even when the workforce is dominated by bring‑your‑own‑device (BYOD) users and short‑term contractors. Virtual desktop infrastructure (VDI) can centralize risk, but it can also centralize failure, expand the admin plane, and add latency that users will work around.
|
By Josh Breaker-Rolfe
Today, almost all organizations use AI in some way. But while it creates invaluable opportunities for innovation and efficiency, it also carries serious risks. Mitigating these risks and ensuring responsible AI adoption relies on mature AI models, guided by governance frameworks. The OWASP AI Maturity Assessment Model (AIMA) is one of the most practical. In this article, we’ll explore what it is, how it compares to other frameworks, and how organizations can use it to assess their AI maturity.
|
By Kirsten Doyle
UK security leaders are making their voices heard. Four in five want DeepSeek under regulation. They see a tool that promises efficiency but risks chaos. Business is already under pressure. Trade disputes drag on. Interest rates remain high. Cyber threats grow. Every move to expand operations adds risk, and risk is harder to measure when AI enters the equation. AI spreads fast. It cuts costs, fills gaps, and automates mundane tasks. But it also opens hidden doors. In the UK, AI is now part of daily work.
|
By Katrina Thompson
A trend that has long been on the rise is finally having its day. A recent industry report revealed that 91% of security professionals believe that ultimate accountability for cybersecurity incidents lies with the board itself, not with CISOs or security managers. If the security discussion hadn’t fully made its way into C-suite conversations before, it has now.
|
By Katrina Thompson
On October 14th, Windows 10 will be retired, and Microsoft will no longer push patches or updates to systems on that operating system. It is crucial for companies to make the jump to Windows 11 now—or risk being exposed to critical vulnerabilities. This is especially important for Industrial Control Systems (ICS), which often run on legacy systems.
|
By Tripwire
Tripwire Enterprise provides powerful integrity monitoring at your fingertips. Discover six ways Fortra's Tripwire Enterprise can help you uplevel your security and compliance program.
|
By Tripwire
Check out the on-demand recording of our first Tripwire/Belden Industrial Security Pub Talk. You'll hear a panel of industry experts weigh in on questions.
|
By Tripwire
Join cybersecurity experts Tim Erlin and Dr. Ed Amoroso for a on-demand discussion around the current ransomware threat landscape and techniques you can use to stay a step ahead of ransomware attacks.
|
By Tripwire
Join Anthony Israel Davis as he looks at how compliance compliments a security program, the differences between security and compliance, and tips for how you can build a program that is both secure and audit-ready
|
By Tripwire
Join Tripwire’s Mike Betti and Brian Cusack a panel webcast where they walk you through common use cases to show how worthwhile an investment in the 20 CIS Controls can be.
|
By Tripwire
Let us help you sharpen your Tripwire Enterprise operational know-how with this session of the Tripwire Tips and Tricks: Change Reconciliation. Sales engineer Mike Betti will teach you how it can be used to.
|
By Tripwire
Tripwire Change Analyzer automates the verification and promotion of “known good” and business as usual changes that are the result of software updates, upgrades, and patches, saving IT organizations time, reducing human error, and increasing efficiency. Tripwire Change Analyzer also works in concert with Tripwire Enterprise to deliver alert notifications and granular details needed for rapid response when unexpected, unauthorized, or high-risk changes are detected. Check out this quick start tutorial video on how to get started with using Tripwire Change Analyzer.
|
By Tripwire
Tripwire Change Analyzer automates the verification and promotion of “known good” and business as usual changes that are the result of software updates, upgrades, and patches, saving IT organizations time, reducing human error, and increasing efficiency. Tripwire Change Analyzer also works in concert with Tripwire Enterprise to deliver alert notifications and granular details needed for rapid response when unexpected, unauthorized, or high-risk changes are detected. Check out this quick start tutorial video on how to get started with using Tripwire Change Analyzer.
|
By Tripwire
IT and OT environments are increasingly interconnected, presenting the need for cybersecurity specialists to secure devices across multiple landscapes. By collecting and contextualizing data across your environments, Tripwire can help to monitor your complex systems and achieve a more robust cybersecurity posture.
|
By Tripwire
In this episode, Ian Thornton-Trump, CISO at Cyjax, digests nation state's disinformation campaigns and the cybersecurity landscape. He also discusses the role disinformation on social media plays in cybersecurity.
|
By Tripwire
Learn how to use security File Integrity Monitoring effectively and strategically in your organization.
|
By Tripwire
Achieving DevOps security is as much a cultural effort as it is a technical one, and quality gates present the perfect opportunity to bridge the gap. Because they function within the bounds of regular DevOps processes, tools that bake security into the CI/CD pipeline by way of quality gates are more likely to win DevOps teams over.
|
By Tripwire
Learn how Log Management can complement SIEM, Security Analytics and Big Data tools within your organization.
|
By Tripwire
Given the challenges facing those responsible for securing enterprise computing environments, there is no better time to have the integrity talk.
|
By Tripwire
Your 10-point DevOps Aligning DevOps and security is more than a matter of getting the right tools in place-it requires a cultural overhaul, too. That means taking a holistic approach to security that makes room for extra training and communication, as well as security tools designed specifically for DevOps. checklist.
- November 2025 (3)
- October 2025 (3)
- September 2025 (10)
- August 2025 (10)
- July 2025 (10)
- June 2025 (21)
- May 2025 (24)
- April 2025 (23)
- March 2025 (24)
- February 2025 (27)
- January 2025 (27)
- December 2024 (25)
- November 2024 (27)
- October 2024 (26)
- September 2024 (26)
- August 2024 (24)
- July 2024 (27)
- June 2024 (27)
- May 2024 (24)
- April 2024 (26)
- March 2024 (22)
- February 2024 (26)
- January 2024 (29)
- December 2023 (22)
- November 2023 (29)
- October 2023 (28)
- September 2023 (27)
- August 2023 (33)
- July 2023 (29)
- June 2023 (31)
- May 2023 (34)
- April 2023 (25)
- March 2023 (28)
- February 2023 (28)
- January 2023 (28)
- December 2022 (25)
- November 2022 (34)
- October 2022 (22)
- September 2022 (25)
- August 2022 (27)
- July 2022 (25)
- June 2022 (25)
- May 2022 (24)
- April 2022 (22)
- March 2022 (31)
- February 2022 (26)
- January 2022 (28)
- December 2021 (34)
- November 2021 (28)
- October 2021 (28)
- September 2021 (31)
- August 2021 (28)
- July 2021 (26)
- June 2021 (24)
- May 2021 (30)
- April 2021 (27)
- March 2021 (29)
- February 2021 (18)
- January 2021 (21)
- December 2020 (26)
- November 2020 (25)
- October 2020 (25)
- September 2020 (25)
- August 2020 (27)
- July 2020 (33)
- June 2020 (30)
- May 2020 (38)
- April 2020 (27)
- March 2020 (33)
- February 2020 (28)
- January 2020 (27)
- December 2019 (32)
- November 2019 (27)
- October 2019 (34)
- September 2019 (27)
- August 2019 (37)
- July 2019 (30)
- June 2019 (23)
- May 2019 (19)
- April 2019 (12)
- March 2019 (16)
- February 2019 (15)
- January 2019 (15)
- December 2018 (13)
- November 2018 (17)
- October 2018 (15)
- September 2018 (8)
- August 2018 (13)
- July 2018 (8)
- June 2018 (13)
- May 2018 (6)
- April 2018 (3)
- March 2018 (7)
- February 2018 (5)
- January 2018 (2)
Tripwire is a leading provider of integrity assurance solutions that drive security, compliance and operational excellence. As the inventor of file integrity monitoring (FIM), Tripwire has a 20-year history of innovation. Tripwire’s award-winning portfolio includes configuration management, file integrity management, asset discovery, vulnerability management and log collection.
Stop Attacks, Upgrade Operations and Prove Compliance:
- Monitor system integrity: Tripwire’s industry-leading FIM detects changes on assets across your enterprise, from on-premise data center to public cloud, and remediate them to a known and trusted state. Know who changed your systems with Tripwire Enterprise FIM.
- Manage network vulnerabilities: Discover and profile all assets on your network with Tripwire IP360. Minimize manual effort through integration with your existing tools and processes. Get complete asset discovery with Tripwire’s easy system remediation.
- Automate regulatory compliance: Reduce audit workload by leveraging the most extensive policy library in the industry. Automate workflows to achieve and maintain compliance over time with monitoring, audit evidence and reports.
- Maximize operations uptime: Detect, audit and validate changes across your network to flag unauthorized changes for investigation, reduce unplanned work and speed up MTTR when incidents occur.
Protect against cyberattacks with the industry’s best foundational security controls. Detect threats, identify vulnerabilities, and harden configurations in real time with Tripwire.