the State of Security

Configuration Assessment

Would Tripwire have caught the Heartland Payment breach sooner?

by Ed Rarick

Had Heartland Payment been using Tripwire’s Enhanced File Integrity Monitoring solution, they would have uncovered something amuck within hours or even minutes of being breached—provided the solution was utilized as described below and the alerts were acted upon. Here is a simple summary of what Tripwire’s Enhanced File Integrity Monitoring solution would have provided the [...]

Read More

Trust Is Not A Control (And Neither Is Luck): Critiquing The Fannie Mae Critiques

by ~Previous Contributers

One of the best things I’ve read lately was “Change Controls: Ur Doin It Rong” article by Hal Pomeranz. Hal Pomeranz wrote this after he read the FBI affidavit describing how Rajendrasinh Makwana, a former consultant at Fannie Mae, allegedly planted malicious code on Fannie Mae’s servers after he had been terminated. What made this [...]

Read More

Next Entries →