Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

August 2018

Three Ways to Secure Legacy Infrastructure

It is a well-known fact that legacy equipment shall continue to play a crucial role in the continuity and stability of critical infrastructure, especially in industrial control systems. A recent Center for Digital Government survey found that 70% of respondent agencies depend on legacy infrastructure for their operations.

The Sky Is Falling! No Wait, That's Just Our Data in the Cloud!

Back in the good old days, we used to have to order physical servers to run our applications. When servers became too expensive, we found efficiency in virtualization. Why have one box running one server when I could have 10 or more on a single box? Who would have thought I could simply push a button and have a server ready in minutes as opposed to weeks?

ITIL, Problem Management and Tripwire Enterprise

I’ve written about ITIL and Tripwire Enterprise, offering a secure approach to managing your Change Management processes, but ITIL’s guidelines offer more than just recommendations around ensuring changes happen as expected. Problem management is another key area where Tripwire Enterprise can help you on your ITIL journey. ITIL sensibly focuses on root-cause analysis for problem management.

Threat Actors in Critical Infrastructure: New Trends and Risk Factors

In this on-demand webcast, guest presenter Mike Chaney, who supports the DHS, National Cybersecurity & Communications Integration Center (NCCIC), and David Meltzer, Tripwire CTO, will share best practices to reduce the likelihood and severity of incidents that may significantly compromise the security and resilience of the critical infrastructure.

Alert Fatigue Is a Big Cybersecurity Problem

Alarms and alerts surround us every day. From the moment our clocks wake us up in the morning, we rely on alarms for many things. But what happens when those alarms and alerts malfunction? What does it do to us and how does that affect our day to day life? Recall the Dallas Emergency Alert Malfunction. As it turns out, getting tired of these alarms can prove dangerous to cybersecurity.

Multi-Cloud Security Best Practices Guide

A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward type of multi-cloud network involves multiple infrastructure as a service (IaaS) vendors. For example, you could have some of your cloud network’s servers and physical network provided by Amazon Web Services (AWS), but you’ve integrated that with your servers and physical networking that’s provided by Microsoft Azure.

Back to the Future: Stick to the Fundamentals for DevOps Security

In early August, I will be leading a couple of sessions at the Community College Cyber Summit about cyber security fundamentals. I’ve also been spending time working with my amazing colleagues here at Tripwire on a really cool new offering for DevOps pipelines – Tripwire for DevOps (learn more here). Spending so much time going back and forth from “back to basics” and “the future of development” had me thinking that securing DevOps is really Back to the Future.

ITIL, the Change Management Process and Tripwire Enterprise

When I speak with clients about their approach to managing their IT services, many organisations mention ITIL practices as a cornerstone to their approach. This is hardly surprising since the ITIL framework describes a sensible methodology for IT management, looking at the use of technology through the lens of what the business needs.