Blog
Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS
By Tripwire Guest Authors on Wed, 08/31/2022
Image
The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025. With digital commerce emerging as the largest segment in the projected $8.49 trillion global...
Blog
A 5 Step Checklist for Complying with PCI DSS 4.0
By Tripwire Guest Authors on Mon, 08/15/2022
Image
In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements. Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in...
Product Video
AAA: Getting Roadside Assistance from Tripwire
Mon, 08/15/2022
Tim Masey, Director of Enterprise Information Security at AAA, shared his company’s PCI journey: beginning with a small implementation of Tripwire, then running into roadblocks by Management for the expansion of products, and eventually moving forward with the implementation of Tripwire’s policy driven dashboards, rules and tasks for over 500 servers.
Guide
How Finance Companies Bank on Tripwire ExpertOps
Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems....
Guide
Tripwire State of Cyber Hygiene Report
Tripwire’s State of Cyber Hygiene report reveals the results of an extensive cybersecurity survey conducted in partnership with Dimensional Research. The survey examined if and how organizations are implementing security controls that the Center for Internet Security (CIS) refers to as "Cyber Hygiene."
Real-world breaches and security incidents prove over and over again that...
Guide
Threat Prevention is Foundational
How proper foundational controls help block today’s advanced threats
Guide
Security Configuration Management Buyer's Guide
Security configuration management (SCM) exists at the point where IT security and IT operations meet. It’s a core security control that combines elements of vulnerability assessment, automated remediation, and configuration assessment.
The goal of SCM is to reduce security risks by ensuring that systems are properly configured — or hardened — to meet internal and/or regulatory...
Guide
PCI DSS and the CIS Controls
Benchmarks, Standards, Frameworks and Regulations: What’s the Difference?
The majority of IT security guidance to industry can be placed into one of these categories: benchmarks, standards, frameworks and regulations. Most address specific security issues and offer advice based on experience, collaborated information, authorities and activities (best practices) which have...
Guide
Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls
The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s...
Guide
The Executive's Guide to the CIS Controls
See how simple and effective security controls can create a framework that helps you protect your organization and data from known cyber attack vectors.
This publication was designed to assist executives by providing guidance for implementing broad baseline technical controls that are required to ensure a robust network security posture. In this guide, we will cover a wide...
Guide
Essential PCI DSS v4.0 Transition Checklist
The proliferation of online transactions isn’t the only reason the PCI Council created the new 4.0 standard. Recent years have also seen increasingly sophisticated methods among cybercriminals, a surge in cloud use, and the rise of contactless payments. This spurred the need for an updated set of PCI DSS requirements, which were released in March 2022 and will become mandatory...
Guide
Actionable Threat Intelligence: Automated IoC Matching with Tripwire
A key security challenge is finding and rooting out malware that has already become embedded on key assets. Organizations today have myriad threat intelligence sources to leverage. However, simply getting the intelligence into your organization is not enough.
Unless you have a way to operationalize myriad threat intelligence sources to make it actionable and useful, threat...
Datasheet
Tripwire ExpertOps and PCI
The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments, secure the cardholder environment to prevent credit card fraud, cyber threats and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting and storing credit card data to...
Datasheet
Security Configuration Management
In a very real sense, IT security configurations are the proverbial “keys to the kingdom” when it comes to data protection and information security. They define system safeguards while balancing acceptable risk against the need for productivity. Hackers and attackers understand this balance all too well: the 2011 Verizon Data Breach Investigations Report noted that 83 percent...
Datasheet
Tripwire Enterprise
Security, compliance, and IT operations leaders need a powerful and effective way to accurately identify security misconfigurations and indicators of compromise. Tripwire® Enterprise is the leading compliance monitoring solution, using file integrity monitoring (FIM) and security configuration management (SCM). Backed by decades of experience, it's capable of advanced use cases...
Datasheet
Tripwire Resident Engineers
The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies...
Datasheet
Tripwire’s Solutions for Automated, Continuous PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, cyber threats, and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting, and storing credit card data to...
Datasheet
10 Ways Tripwire Outperforms Other Cybersecurity Solutions
As a security professional, you’re tasked with protecting your organization against attacks, detecting threats, identifying vulnerabilities and hardening configurations. But in an increasingly crowded marketplace, how do you choose the right cybersecurity partner? From experience and technical innovation to security expertise, Fortra's Tripwire stands out from the competition.
...