Portland, OR, USA
Jul 22, 2021   |  By Mitch Parker
Data breaches and ransomware attacks aren’t just still occurring. They’re also becoming more frequent. According to ZDNet, the number of ransomware attacks detected and blocked by one security firm grew 715% year-over-year in 2020 alone. Another security company calculated the total number of ransomware attacks for the year to be around 65,000, wrote NPR. That’s about seven ransomware incidents every hour.
Jul 21, 2021   |  By Tripwire Guest Authors
A bipartisan Senate bill would require some businesses to report data breaches to law enforcement within 24 hours or face financial penalties and the loss of government contracts. The legislation from Senate Intelligence Chair and Democratic Senator Mark Warner with Republican Senators Marco Rubio and Susan Collins is just one of several new cybersecurity bills that will likely be debated this year. If passed, the bill could require certain U.S.
Jul 21, 2021   |  By Tripwire Guest Authors
IT/OT convergence is an oft-repeated term, and maybe it’s the wrong term. From a technology standpoint, IT/OT convergence has been occurring since at least the 1990s when HMI/Operator Stations began running on Windows and when Ethernet began displacing deterministic custom LAN protocols in the OT realm. This technology convergence has continued with networking, cybersecurity, virtualization, edge, zero trust, etc.
Jul 20, 2021   |  By Tripwire Guest Authors
An EO is a written, signed, and published directive from the President that manages operations of the federal government, and although some EO’s require legislative approval, they effectively become law. It comes on the back of several high profile incidents involving Microsoft (Exchange), SolarWinds and the recent Colonial Pipeline incident. It is seen as a much-needed step to modernise and protect federal networks and improve information sharing between the private and US government.
Jul 20, 2021   |  By Ary Widdes
SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable incident investigation, and speed up your incident response time, while also giving you a unified, holistic view of your infrastructure.
Jul 19, 2021   |  By Tripwire Guest Authors
There are many important factors to consider when choosing a cloud provider for your cloud use cases. For organizations in heavily regulated industries, compliance with relevant regulations is one of the most important things to think about. Whether you’re planning for a single cloud workload or a hybrid multi-cloud setup, maintaining compliance for sensitive data in the cloud is imperative.
Jul 19, 2021   |  By Joe Pettit
Organizations need the right internal personnel like a CISO to keep their systems and data secure. But what kind of skills do these leaders need? And how should they guide their employers in a way that doesn’t overlook the evolving threat landscape? To find out, I spoke decided to speak with Goher Mohammad. Goher is the Group Head of Information Security (CSO) for L&Q. He has held that position there for just under three years.
Jul 15, 2021   |  By Graham Cluley
The United States Department of State is offering a reward of up to $10 million for information leading to the identification of anyone, working for a foreign government, who participates in a cybercriminal attack against American critical infrastructure. The news of the reward comes at the same time as the White House announced it was setting up a ransomware task force following a series of high-profile attacks in the United States.
Jul 14, 2021   |  By Craig Young
In my previous post, I disclosed that SonicWall had quietly released vulnerability fixes over the course of several days before vulnerability advisories were published for CVE-2020-5135. Rather than properly fixing CVE-2020-5135, SonicWall’s fix introduced a new vulnerability in the same code. SonicWall was aware of the new vulnerability but deferred the small fix until the next release, more than 6 months later.
Jul 13, 2021   |  By Tripwire Guest Authors
There are multitudes of advantages that the cloud has to offer to companies. These include making the task of security management more accessible. However, there are still many gray areas associated with the cloud and its implications for an organization’s overall security.
Jul 23, 2021   |  By Tripwire
Jihana Barrett, CEO of Cybrsuite explains unpacks the security needs from not just from an enterprise perspective but for day-to-day life. She also tells us about how her organization, Tech Sorority, teaches aspiring women to break stereotypes in tech.
Jul 9, 2021   |  By Tripwire
Emil Sayegh, president and CEO of Ntirety, unpacks of the issue of inauthentic identities opening doors to untraceable, fake social accounts and the impact that has on society. Emil is a cloud visionary and known as one of the "fathers of OpenStack."
Jun 25, 2021   |  By Tripwire
Gary Hibberd, Professor of Communicating Cyber for Cyberfort and former head of business continuity and information security at various companies, teaches the importance of building resilience in your organization not just with technology, but with people and processes.
Jun 11, 2021   |  By Tripwire
Dr. Eric Cole, former CISO and founder of Secure Anchor Consulting, explains how learning to communicate with business language can create a more compelling case for executive buy-in.
May 28, 2021   |  By Tripwire
Anthony Israel-Davis joins the show to discuss what you can do with the DBIR as a practitioner and his perspective on the proposed Cybersecurity Safety Review Board.
May 27, 2021   |  By Tripwire
In this session of the Tripwire Tips and Tricks series, you'll learn how to use the MITRE ATT&CK framework to protect your organization from cyberattacks. Tripwire Security Researcher David Lu will walk you through five key use cases for the framework, helping you deepen your understanding of mapping defensive controls to the framework, threat hunting, incident response, and more.
May 20, 2021   |  By Tripwire
Tripwire Configuration Manager lets you worry less about your cloud security and more about everything else.
Apr 29, 2021   |  By Tripwire
Welcome to Tripwire's Security-as-a-Service solution. Tripwire® ExpertOps extends your staff with experienced security professionals who leverage your in-house team. You’ll see rapid time to value with your choice of multiple services that can reduce your security risks and simplify your policy compliance—all hosted on a cloud infrastructure. Tripwire ExpertOps includes software, ongoing consulting, professional services, and cloud infrastructure in a single subscription.
Apr 28, 2021   |  By Tripwire
Traditional, agent-based monitoring from Tripwire® Enterprise brings best-in-breed file integrity monitoring (FIM) to your organization’s IT infrastructure. In regular practice, an agent is deployed to a supported operating system to facilitate asset monitoring. But how do you enforce FIM on operating systems that have reached their end-of-life for support, or endpoints that aren’t able to have agents installed?
Apr 27, 2021   |  By Tripwire
Security and compliance are different, yet complementary, disciplines. It’s important to understand their relationship to build a robust security program that can be used for audit success. Compliance is a kick-starter for building your security program, and security is an important focus to help ensure you are audit-ready. Join us in our Tips and Tricks series. We’ve curated this series for you, whether you are a customer looking to make the most out of your Tripwire investment, or you’re on the market for a new security solution.
Jun 4, 2019   |  By Tripwire
Learn how to use security File Integrity Monitoring effectively and strategically in your organization.
Jan 24, 2019   |  By Tripwire
Achieving DevOps security is as much a cultural effort as it is a technical one, and quality gates present the perfect opportunity to bridge the gap. Because they function within the bounds of regular DevOps processes, tools that bake security into the CI/CD pipeline by way of quality gates are more likely to win DevOps teams over.
Oct 26, 2018   |  By Tripwire
Establish and sustain the Four Essential Pillars of Federal Cybersecurity
Oct 26, 2018   |  By Tripwire
Learn how Log Management can complement SIEM, Security Analytics and Big Data tools within your organization.
Oct 1, 2018   |  By Tripwire
Learn best practices to mitigate risk, automate compliance and reduce costs.
Oct 1, 2018   |  By Tripwire
How to introduce security without losing the benefits of containers.
Sep 1, 2018   |  By Tripwire
Given the challenges facing those responsible for securing enterprise computing environments, there is no better time to have the integrity talk.
Sep 1, 2018   |  By Tripwire
Your 10-point DevOps Aligning DevOps and security is more than a matter of getting the right tools in place-it requires a cultural overhaul, too. That means taking a holistic approach to security that makes room for extra training and communication, as well as security tools designed specifically for DevOps. checklist.
Aug 1, 2018   |  By Tripwire
Building a Foundation for Cyber Integrity
Aug 1, 2018   |  By Tripwire
Your 10-point DevOps security checklist.

Tripwire is a leading provider of integrity assurance solutions that drive security, compliance and operational excellence. As the inventor of file integrity monitoring (FIM), Tripwire has a 20-year history of innovation. Tripwire’s award-winning portfolio includes configuration management, file integrity management, asset discovery, vulnerability management and log collection.

Stop Attacks, Upgrade Operations and Prove Compliance:

  • Monitor system integrity: Tripwire’s industry-leading FIM detects changes on assets across your enterprise, from on-premise data center to public cloud, and remediate them to a known and trusted state. Know who changed your systems with Tripwire Enterprise FIM.
  • Manage network vulnerabilities: Discover and profile all assets on your network with Tripwire IP360. Minimize manual effort through integration with your existing tools and processes. Get complete asset discovery with Tripwire’s easy system remediation.
  • Automate regulatory compliance: Reduce audit workload by leveraging the most extensive policy library in the industry. Automate workflows to achieve and maintain compliance over time with monitoring, audit evidence and reports.
  • Maximize operations uptime: Detect, audit and validate changes across your network to flag unauthorized changes for investigation, reduce unplanned work and speed up MTTR when incidents occur.

Protect against cyberattacks with the industry’s best foundational security controls. Detect threats, identify vulnerabilities, and harden configurations in real time with Tripwire.