Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Meeting PCI DSS Network Security Requirements in Kubernetes Environments

Compliance standards such as PCI DSS have assumed that traditional characteristics and behaviors of the development and delivery model would continue to be constant going forward. With the Container/Kubernetes revolution, that set of assumptions is no longer entirely correct. Attend this webinar and learn about what’s changed, how those changes weaken your compliance and control environment, and what you can do to adjust to the new reality.

How To Extend Firewalls to Kubernetes to Stop Breaking Existing Security Architectures

Security teams use firewalls to secure their production environments, often using a zone-based architecture, and Kubernetes does not deploy well to that architecture. Application teams are launching new business-critical applications on Kubernetes and are aggressively moving to production. A clash is bound to happen.

The future of supply chain management

Currently, we’re in a period of growth for supply chain management. With the digital revolution bringing industry players around the globe closer together, business operations have expanded for companies big and small. As both business owners and consumers, we’re experiencing the changes every step of the way as well. Each change brings with it a new set of challenges and benefits.

Anne-Marie Eklund Löwinder: "I was good at making others' code stop running very early on."

She’s the CISO of The Internet Foundation of Sweden (IIS) and one of 14 trusted individuals to hold a Key to the Internet, which means the DNSSEC key generation for the internet root zone. Anne-Marie Eklund Löwinder is also one of the few Swedes who have been inducted into the Internet Hall of Fame.

Cybersecurity Quick Tips: Kai Roer on What Security Professionals Need to Focus on Now

The way your organization handles employee security training can have a huge impact on the success of your security program. Kai Roer, award-winning specialist on security cultures and behaviors, shares his perspective on this and more of today’s most pressing cybersecurity issues—from hackers and threats to security and protection.For more cybersecurity tips, trends and insights, visit Tripwire.com/blog, or follow us on Twitter: @TripwireInc.

Cybersecurity Quick Tips: How to Get Started in Cybersecurity with Kai Roer

Interested in a job in cybersecurity but don’t know where to start? Kai Roer, award-winning specialist on security cultures and behaviors, shares his number one tip for starting a career in cybersecurity.For more cybersecurity tips, trends and insights, visit Tripwire.com/blog, or follow us on Twitter: @TripwireInc.

Multi-Cloud Security Best Practices Guide

A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward type of multi-cloud network involves multiple infrastructure as a service (IaaS) vendors. For example, you could have some of your cloud network’s servers and physical network provided by Amazon Web Services (AWS), but you’ve integrated that with your servers and physical networking that’s provided by Microsoft Azure.

Thousands of NHS computers are still running Windows XP from beyond the grave

Two years after the WannaCry ransomware outbreak shone a light on the computer security of the UK’s National Health Service, and five years after Microsoft said it would no longer release patches for Windows XP, the NHS still has 2300 PCs running the outdated operating system. The worrying statistic came to light in the response to a parliamentary question asked by shadow minister Jo Platt MP. The fact that 2,300 NHS computers are still running Windows XP is, obviously, not great news.

PCI DSS: Testing Controls and Gathering Evidence

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is not easy to achieve. Quite the opposite, in fact: A 2017 Verizon report stated that 80 percent of companies fail their PCI DSS assessments, and only 29 percent of those that pass are still compliant after one year. PCI DSS compliance, like information security as a whole, is not a one-and-done process but ongoing. To succeed, your enterprise must be vigilant.