Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Have you considered how often your phone number has been shared? Most of us give out our cell phone numbers all the time – to friends, acquaintances, colleagues, and even big, monolithic, impersonal companies. We may even print them on business cards or list them on public forums. A cell phone is no longer just a way to contact someone to engage in conversation.

Tripwire Configuration Manager allows for user created configuration and compliance management content via a new Policy Management capability. Custom user content can be used alongside existing cloud service provider and third-party SaaS policies, providing multiple new use cases for data gathering and expanding policy compliance support into new services. This blog will describe some of the features and use cases for the Policy Management capability.

All companies are moving towards a digital landscape. Developments in the design and manufacturing industry have expanded the innovation of p roducts as digital collaborations are increasingly enabled from concept generation to product realization and after-market. These collaborations expand beyond the enterprise and national boundaries, leading to growing concern about the security of their sensitive information such as Intellectual Property (IP) and trade secrets.

Researcher Moshe Zioni from Apiiro, discovered a major software supply chain critical vulnerability - CVE-2022-24348 - in the popular open-source CD platform Argo CD. Exploiting it enables attackers to obtain sensitive information like credentials, secrets, API keys from other applications. This in turn can lead to privilege escalation, lateral movements, and information disclosure.

In a world driven by digital business, enterprise security needs to be continuously monitored and improved to keep up with evolving cyber-threats and to ensure data protection across the web. As the corporate, office-based workforce evolves to become more permanently remote, increased access control to business assets is needed for those both within and outside of the company network.

An industry with a vast amount of disciplines and specialisations is likely to make newcomers apprehensive when starting. An individual may consider the many paths they wish to walk down and become encumbered with feelings of fear and doubt in their abilities. This is a position that many cyber-security professionals are likely to find themselves in.

For the average person, “traditional hacking” isn’t really an ever-present threat. It’s unlikely that a hacker will ever try to track you down, steal one of your devices, and bypass whatever you’ve set up to protect your personal data. Social engineering, on the other hand, is an increasingly common security threat that you’ve probably encountered many, many times before.

With the release of our new Badges feature, you can add a “Seal of Trust” to your website so your partners can easily see a snapshot of your security health.