Tripwire Assets & Resources

Filter resources by product, type or topic:


Industrial Cyber Security For Dummies

Your go-to guide for getting started with industrial cyber security, this Special Belden/Tripwire Edition e-book is packed with security insights specific to industrial control systems and operations environments – you'll have smart answers when brainless questions come up.

Solution Brief:

Detect and Defend Against Cyber Attacks on the Power Grid

The attack on the Ukrainian power grid on Christmas Eve 2015 was a huge wake up call for the energy industry. Attackers overwrote firmware on critical devices at 16 substations, leaving them unresponsive to any remote commands from operators. As a result of those attacks, 80,000 customers went without electricity for six hours, and workers had to control the breakers manually. 

Case Study:

Idaho Power

Manual audits to check for Sarbanes-Oxley Act and internal control compliance of Idaho Power's servers were eating up too much time. One solution was to test a small percentage of representative servers, but Idaho Power wanted more complete…

Solution Brief:

Achieve and Maintain Compliance with the Smart Energy Code: Protecting the UK's Energy Infrastructure with Tripwire

While the UK’s energy supply is becoming more connected, the march toward progress also introduces new risks that need to be addressed. The Smart Energy Code (SEC) defines the rights and obligations of energy suppliers, network operators and other relevant parties involved in the end-to-end management of smart metering in Great Britain.

White Paper:

Defending Industrial Control Systems with Tripwire

Threats to Industrial Control Systems (ICS) are increasing—a reality that ICS-centric industries have begun to recognize. As a response to the growing need for protection from cyberattacks, the Department of Homeland Security (DHS), National Cybersecurity and Communications Integration Center (NCCIC) and the National Security Agency (NSA) have published Seven Steps to Effectively Defend Industrial Control Systems, a paper aimed at providing practical steps organizations can take to protect their infrastructure.


Real-time Threat Detection with Tripwire SCM Solutions

Tripwire helps organizations of all sizes successfully automate the hardening of their servers, databases and network devices. With information gleaned by TechValidate, learn how our patented, award-winning suite of Security Configuration Management (SCM) products and services are used by satisfied customers worldwide to prevent and detect a variety of security threats.


SCM for Dummies Video Trailer

Securing your server and network configurations may be the smartest security effort you can make. Why? Continually protected and hardened systems keep your data safe, repel exploits, and provide measurable confidence.

White Paper:

SANS: Secure Configuration Management Demystified

Security experts and analysts agree that a systematic, enterprise-wide program of secure configuration management is one of the most beneficial security solutions you can implement. It provides an objective, concise measure of your overall  security posture. But it continues to be recognized as one of the “hardest things to accomplish” for IT security teams. This white paper discusses why these controls are so important, how to enable them in manageable, bite-size chunks, and how to get cooperation from your cross-functional IT operations teams.

White Paper:

Security Configuration Management: Getting Back to IT Security Basics

In IT security, obvious weaknesses like weak configurations often get overlooked. Yet for hackers, they’re an open door into networks and systems. Learn how security configuration management (SCM), a critical security control, hardens configurations to prevent breaches, and immediately detects and corrects any subsequent changes that weaken them.


Prescriptive Guide to Security Reference Architecture

Implementing a security architecture capable of protecting against today’s threats in an always evolving technology environment is a huge challenge. Your biggest challenge may be simply knowing how and where to start. Which controls do you need, how do you choose them, how do you deploy them, how do they work together, and how do they work with operational systems? Equally important, how do you create and grow a security program with the necessary people and processes to build, maintain, manage and improve a resilient security architecture?

The lastest in Tripwire’s Prescriptive Guide series, Security Reference Architecture: A Practical Guide to Implementing Foundational Controls, provides those answers. It gives you a path forward and explains important details and considerations when implementing a security reference architecture, providing guidance on expanding and improving it as you advance the capabilities your security program provides the greater organization. 

Solution Brief:

Security Configuration Management Executive Brief

White Paper:

Security Configuration Management: Moving from Praise to Results

A whole host of industry recognized sources, including Gartner, Securosis and SANS have been consistently recommending security configuration management (SCM) as one of the top, if not the top, security controls you can implement to protect your IT infrastructure and data. Surprisingly, even though most organizations agree on its value, few have actually implemented SCM. Why not?