Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Are you concerned about the security and compliance risks that come along with your organization's work-from-home solutions? As more and more professionals connect to your organization's networks via VPN and conduct their work with tools like Zoom, Teams and WebEx, it's critical that your cybersecurity processes expand to include these changes.

After the onset of Covid-19, organizations pivoted quickly from a fixed, traditional kind of infrastructure to a virtual, distributed one to support remote workers and enable social distancing. The nature of stop-gap responses to this crisis opens your organization up to more risk, less resiliency and redundancy. How are you going to make sure your flexible architecture and dispersed teams can deal with penetrations, loss of connectivity and other outages? Now, more than ever, comprehensive governance across all of your infrastructure-in both IT and OT networks-is essential.

Across the cybersecurity community, there's wide agreement that the Center for Internet Security's 20 CIS Controls act as a gold standard framework for system hardening and attack surface reduction. What's not so widely agreed-upon is the best way to implement the controls, as organizations have a surplus of cybersecurity solutions to choose from to get the job done. Join us on August 13th, 2020 for a live panel webcast with Tripwire experts Mike Betti and Brian Cusack. They'll walk you through common use cases to show how worthwhile an investment the 20 CIS Controls can be.

Now more than ever, it's important to make sure you have foundational security controls in place. Rather than recruiting and training in a scarce talent market, extend your team with a security-as-a-service model. Tripwire® ExpertOps delivers the industry's best FIM and SCM in a cloud-based managed service model so your team can focus their efforts in the most impactful way possible-knowing their cybersecurity and compliance posture is in good hands.

Is your organization new to the cloud? Most companies have moved less than 20 percent of their workloads into the cloud. Tripwire can help you make your journey to the cloud more secure based on industry standards and best practices like the Center for Internet Security's 20 CIS Controls.

Events like the recent Sunburst/SolarWinds and Florida water plant breaches serve as a reminder that the supply chain needs to be secured just as much as your organization's in-house infrastructure. Protecting the supply chain is a matter of implementing the right cybersecurity controls to your multi-vendor environment, such as the 20 Center for Internet Security (CIS) Controls.

Traditional, agent-based monitoring from Tripwire® Enterprise brings best-in-breed file integrity monitoring (FIM) to your organization's IT infrastructure. In regular practice, an agent is deployed to a supported operating system to facilitate asset monitoring. But how do you enforce FIM on operating systems that have reached their end-of-life for support, or endpoints that aren't able to have agents installed?

The MITRE ATT&CK framework helps you see your systems through the eyes of an attacker by categorizing cybercriminals' most-used tactics and techniques. MITRE is a not-for-profit organization that operates federally-funded research and development centers. Their ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework illustrates how adversaries behave and lays out best practices for mitigating risk and improving security.

Once ransomware has a hold on your systems, it's often too late to undo the damage. That's why putting your focus on the prevention and rapid detection of ransomware is the key to minimizing your risks from these insidious cyberattacks. Join cybersecurity experts Tim Erlin and Dr. Ed Amoroso on September 30, 2021 at 7:00 a.m. PT (3:00 p.m. BST) for a discussion around the current ransomware threat landscape and techniques you can use to stay a step ahead of ransomware attacks.

Threat hunting is a challenging, complex and time consuming exploratory activity. Threat hunters must explore, prioritize & investigate threats, gather data with context, connect disparate pieces of data, and conduct rapid and relevant analysis. Unfortunately today's tools get in the way and prevent the analyst from doing what they do best - hunt threats.