Portland, OR, USA
Oct 17, 2021   |  By Ben Layer
You may already know that Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, and Google Cloud Platform, but did you know it also has capabilities to monitor other cloud based software services such as Salesforce? Salesforce is a popular customer relationship management (CRM) service with rich configuration options that could lead to unintended risks if it is improperly configured.
Oct 14, 2021   |  By Graham Cluley
Google has released a report taking a close look at the more than 80 million ransomware samples uploaded to its VirusTotal service in the last year and a half. Each day, approximately 150,000 ransomware samples were analysed by the free VirusTotal service after being submitted by suspicious computer users, and shared with the security community to enhance their threat intelligence and improve anti-virus products.
Oct 14, 2021   |  By Andrew Swoboda
Windows 11 was released on October 5, 2021. It has several new installation requirements including, most notably, Secure Boot and a Trusted Platform Module. These features can provide a more secure computing environment, but if you need to virtualize a Windows 11 environment, you will need virtualization software that supports this.
Oct 13, 2021   |  By David Lu
Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collection logs and regular review is useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of a successful attack. CIS Control 8 emphasizes the need for centralized collection and storage and standardization to better coordinate audit log reviews.
Oct 11, 2021   |  By Richard Springer
Back in early June, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) published a fact sheet discussing the rising threat of ransomware to operational technology (OT) assets. This development raises several questions. Why is ransomware a threat to OT environments? And what can organizations do to protect their OT assets against ransomware?
Oct 10, 2021   |  By Michelle Gunter
Back in the early days of networking, many companies assigned all of the responsibilities to anyone who showed any aptitude towards operating a computer. In many companies, this was an accountant or someone else who also managed sensitive financial information. The assumption was that the person managing the corporate books was the most trustworthy person in the organization.
Oct 7, 2021   |  By Graham Cluley
Organisations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists. That’s the intention of the Ransom Disclosure Act, a new bill proposed by US Senator Elizabeth Warren and Representative Deborah Ross.
Oct 6, 2021   |  By Tyler Reguly
When it comes to cybersecurity, vulnerability management is one of the older technologies that still play a critical role in securing our assets. It is often overlooked, disregarded, or considered only for checkbox compliance needs, but a proper vulnerability management program can play a critical role in avoiding a series data breach. CIS Control 07 provides the minimum requirements, table stakes if you will, for establishing a successful vulnerability management program.
Oct 5, 2021   |  By Craig Young
Canopy was advertised to me through my child’s school. The company offers a multi-platform parental control app claiming various abilities to limit and monitor use of protected devices. Access to Canopy is billed monthly and includes a compelling list of features for concerned parents: Several of these features imply that the app has privileged access to the protected device and may be intercepting TLS connections to filter content.
Oct 5, 2021   |  By David Bisson
In my previous post, I discussed some of the reasons why organizations decide to partner with managed service providers (MSPs). Organizations need to be careful when deciding to work with a specific provider, however, as not all MSPs are the created the same. Part of the reason why is because MSPs come in four varieties. Let’s discuss those types below.
Oct 11, 2021   |  By Tripwire
Recording of a Tripwire Q&A with Gary Hibberd, Professor of Communicating Cyber at Cyberfort Group. As ransomware attacks increase we discuss how the threat is only set to increase as attacks become increasingly sophisticated and government organizations and public bodies in the UK wrestle with the challenges and complexities of migrating securely from the PSN.
Oct 1, 2021   |  By Tripwire
For industrial organizations, managing cybersecurity and compliance is a big job. On top of your IT servers, workstations, applications and databases, etc. you have your plant operations and OT: industrial control systems, SCADA systems, HMIs, etc. Luckily, Tripwire can help you with IT, OT and the convergence of both. From the factory floor, to the top floor, Purdue levels zero through five.
Sep 29, 2021   |  By Tripwire
In this episode, Patrick Miller, Founder of Ampere Industrial Security, discusses what utilities and other industrial companies need to consider when it comes to the goldmines of data they're collecting from their machines and customers, and why security and privacy needs to be incorporated in these operations by design.
Sep 10, 2021   |  By Tripwire
In this episode, Tripwire's Brent Holder and Raymond Kirk discuss what cloud security means today. Breaking down the different aspects of cloud security controls, they cover the technology, security implications and risks with cloud use.
Sep 7, 2021   |  By Tripwire
Join Tripwire's Ted Rassieur as he walks through how to operationalize the CIP baseline with the Tripwire solution
Sep 3, 2021   |  By Tripwire
Between complex IT networks, internet of things, digitized factory floors, increased cloud usage and remote work… you need to protect your digital assets/infrastructure to operate your business safely and securely. You need to trust that your systems are in a known and trusted state, they are hardened up to industry standards, they are meeting your policies, and ensure sure they stay that way. You also need to know when that changes, and which systems are causing a weakness in your security posture.
Aug 13, 2021   |  By Tripwire
In this episode, Greg Wilson, CISO of Docupace, discussed the rise of ransomware during uncertain times (i.e. COVID pandemic), whether its here to stay, and how to prevent damage with security hygiene.
Jul 23, 2021   |  By Tripwire
Jihana Barrett, CEO of Cybrsuite explains unpacks the security needs from not just from an enterprise perspective but for day-to-day life. She also tells us about how her organization, Tech Sorority, teaches aspiring women to break stereotypes in tech.
Jul 9, 2021   |  By Tripwire
Emil Sayegh, president and CEO of Ntirety, unpacks of the issue of inauthentic identities opening doors to untraceable, fake social accounts and the impact that has on society. Emil is a cloud visionary and known as one of the "fathers of OpenStack."
Jun 25, 2021   |  By Tripwire
Gary Hibberd, Professor of Communicating Cyber for Cyberfort and former head of business continuity and information security at various companies, teaches the importance of building resilience in your organization not just with technology, but with people and processes.
Jun 4, 2019   |  By Tripwire
Learn how to use security File Integrity Monitoring effectively and strategically in your organization.
Jan 24, 2019   |  By Tripwire
Achieving DevOps security is as much a cultural effort as it is a technical one, and quality gates present the perfect opportunity to bridge the gap. Because they function within the bounds of regular DevOps processes, tools that bake security into the CI/CD pipeline by way of quality gates are more likely to win DevOps teams over.
Oct 26, 2018   |  By Tripwire
Establish and sustain the Four Essential Pillars of Federal Cybersecurity
Oct 26, 2018   |  By Tripwire
Learn how Log Management can complement SIEM, Security Analytics and Big Data tools within your organization.
Oct 1, 2018   |  By Tripwire
Learn best practices to mitigate risk, automate compliance and reduce costs.
Oct 1, 2018   |  By Tripwire
How to introduce security without losing the benefits of containers.
Sep 1, 2018   |  By Tripwire
Given the challenges facing those responsible for securing enterprise computing environments, there is no better time to have the integrity talk.
Sep 1, 2018   |  By Tripwire
Your 10-point DevOps Aligning DevOps and security is more than a matter of getting the right tools in place-it requires a cultural overhaul, too. That means taking a holistic approach to security that makes room for extra training and communication, as well as security tools designed specifically for DevOps. checklist.
Aug 1, 2018   |  By Tripwire
Building a Foundation for Cyber Integrity
Aug 1, 2018   |  By Tripwire
Your 10-point DevOps security checklist.

Tripwire is a leading provider of integrity assurance solutions that drive security, compliance and operational excellence. As the inventor of file integrity monitoring (FIM), Tripwire has a 20-year history of innovation. Tripwire’s award-winning portfolio includes configuration management, file integrity management, asset discovery, vulnerability management and log collection.

Stop Attacks, Upgrade Operations and Prove Compliance:

  • Monitor system integrity: Tripwire’s industry-leading FIM detects changes on assets across your enterprise, from on-premise data center to public cloud, and remediate them to a known and trusted state. Know who changed your systems with Tripwire Enterprise FIM.
  • Manage network vulnerabilities: Discover and profile all assets on your network with Tripwire IP360. Minimize manual effort through integration with your existing tools and processes. Get complete asset discovery with Tripwire’s easy system remediation.
  • Automate regulatory compliance: Reduce audit workload by leveraging the most extensive policy library in the industry. Automate workflows to achieve and maintain compliance over time with monitoring, audit evidence and reports.
  • Maximize operations uptime: Detect, audit and validate changes across your network to flag unauthorized changes for investigation, reduce unplanned work and speed up MTTR when incidents occur.

Protect against cyberattacks with the industry’s best foundational security controls. Detect threats, identify vulnerabilities, and harden configurations in real time with Tripwire.