Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Deploying Applications to a Kubernetes Cluster to Which You Don't Have Access

For the impatient, in this blog post, we’ll look into the problem of preparing a Kubernetes application to be deployed into a large number of Kubernetes clusters, even if you, the developer, do not have direct access to them all. The tutorial parts of this post will utilize Gravity 7.0, which you can download here. This version is in beta at the time of publication, so be sure to select pre-releases in the dropdown on the download page to access it.

11 of the Top Questionnaires for IT Vendor Assessment

Business partnerships require trust, but knowing which vendors you can trust to protect your customer's PII and PHI is difficult. With the rise of information technology, there are countless ways that trust can be broken, whether intentionally or unintentionally. As a starting point, you need additional information about information security policies, internal security practices, incident response and disaster recovery plans, and any past security incidents.

We Want You! Win the War on Ransomware Today

Arguably, the first malware extortion attack occurred in 1988 – the AIDS Trojan had the potential to be the first example of ransomware, but due to a design flaw, the victims didn’t end up actually having to pay up the 189 bucks. It’s safe to say that over the past 31 years, attackers have perfected the ransomware craft, with organizations shelling out more than $25 billion per year. We don’t expect it to end any time soon.

How to Leverage NIST Cybersecurity Framework for Data Integrity

Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity: the property that data has not been altered in an unauthorized manner. Tripwire is very proud to have contributed and collaborated with other technology vendors in the development of these practice guides.

Understanding the Consequences of Failing PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) does a great job of outlining how an organization should go about protecting cardholder data. Most organizations take the best practices from the PCI council and implement a strong information security strategy bent on enforcing PCI standards, compliance requirements, and vulnerability management. What happens when an organization doesn’t follow the rules as they should or they suffer a data breach because of negligence?

The rising threat of drones to cybersecurity: What you need to know

The Federal Aviation Administration (FAA) reports that there are nearly 1.5 million registered drones in the United States, proving them to be ubiquitous across the country - and there are plenty that are still unregistered, too. From military use to consumers who buy them to start a new hobby, drones are now used in many aspects of today’s society. Even Amazon plans on making drones part of their shipping process at some point in the future.

Our award-winning IAM and insider threat prevention solutions highlighted at RSA Conference 2020

ManageEngine brought home its first set of accolades for 2020: two InfoSec Awards presented by Cyber Defense Magazine at RSA Conference 2020. Amidst the over 3,000 cyberdefense innovators that were assessed by Cyber Defense Magazine for its 2020 InfoSec Awards, ManageEngine was recognized for its identity and access management (IAM) offering, AD360, and for its insider threat prevention in Log360.

What is Cyber Hygiene and Why is it Important?

Cyber hygiene is the cybersecurity equivalent to the concept of personal hygiene in public health literature. The European Union's Agency for Network and Information Security (ENISA) states that "cyber hygiene should be viewed in the same manner as personal hygiene and, once properly integrated into an organization will be simple daily routines, good behaviors, and occasional checkups to make sure the organization's online health is in optimum condition".

4 Best Practices for Security Operations Center Success

The security operations center (SOC) plays a critical role in an enterprise organization’s efforts to protect their data from rapidly evolving cybersecurity threats. However, for a variety of reasons revealed in this report by the Ponemon Institute—based on a survey sponsored by Devo of more than 500 IT and security practitioners—organizations are frustrated with their SOC’s lack of effectiveness in performing its vital work.

Top Cybersecurity Threats in 2020

Last year was a disaster in terms of the number of data breaches. A study produced by the nonprofit Identity Theft Resource Center rounded up 1,473 reported data breaches by the end of 2019 – a staggering 17% more than 2018. While the analysis notes that the actual number of data exposed were considerably less than 2018, it’s still proof of the increasing insecurity of deployed IT systems.