Tripwire Assets & Resources

Filter resources by product, type or topic:

Case Study:

Astro and Tripwire: Making Best Practices a Daily Show

Astro, a leading satellite television broadcasting company in South East Asia turned to Tripwire Enterprise to help them automate numerous manual processes to support their growing IT environment and achieve PCI compliance. Download the case…

White Paper:

PCI DSS and the "Top 20" Critical Security Controls

The majority of IT security guidance to industry can be placed into one of these categories: benchmarks, standards, frameworks and regulations. An ongoing challenge is how to navigate the myriad source materials, identify the most salient and effective components of each document, and then use that information to build the most effective security program for your organization.

Uncategorized:

Tripwire PCI 3.2 Report Catalog

As businesses are well aware, any organization that conducts transactions with credit or debit cards must comply with the latest Payment Card Industry Data Security Standard (PCI DSS 3.2).

Video:

AAA: Getting Roadside Assistance from Tripwire (Webcast)

Tim Masey, Director of Enterprise Information Security at AAA, shared his company’s PCI journey: beginning with a small implementation of Tripwire, then running into roadblocks by Management for the expansion of products, and eventually moving…

Infographic:

PCI DSS 3.0 and the 20 Critical Security Controls Infographic

This infographic provides a visual layout of how the PCI DSS 3.0 requirements align with the foundational Top 20 Critical Security Controls. Build greater efficiency in your security program by seeing how one security control can help you meet several security goals.

Case Study:

Girl Scouts of Northern California

The Girl Scouts of Northern California's goal was continuous compliance with the PCI Data Security Standard, and to be prepared for upcoming changes to the standard. The organization chose the integrated suite of Tripwire® Enterprise…

White Paper:

Securing the Cyber EO's Four Critical Frontiers

Gain insight into the Cyber Executive Order (EO)’s priorities and what it takes for agency leaders to make more informed risk decisions in an era of increased accountability.

Research:

Hanover Research - Government IT Security Survey Analysis

In this report, Hanover Research presents the results of the Government IT Security GTRA Member survey. The goal of the survey was to better understand how government IT security and compliance employees feel about the state of US Federal IT security.

White Paper:

Adjusting to the Reality of RMF

The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security.

Solution Brief:

PSN Code of Connection – GPG13

UK Public Sector organizations are mandated to comply with certain regulations and standards before connecting to the Government’s Secure Extranet. CESG (the Information Security arm of GCHQ), and the National Technical Authority for Information Assurance documented 35 Good Practice Guides to help public sector organizations manage risk.

Solution Brief:

Tripwire Solutions for Healthcare Organizations

Healthcare organizations hold patient data that's extremely valuable on the black market, making them prime targets for cybercriminals. The advent of Internet-connected medical devices has done nothing but increase the attack surface of these organizations, while at the same time they struggle to comply with a multitude of changing regulations.

Solution Brief:

Security and Compliance for Healthcare Exchanges: Addressing MARS-E 2.0

Medical organizations, insurance companies and state healthcare agencies have seen a dramatic increase in breaches—the top 2015 breaches involved insurance companies, a medical facility and a state agency. This is due to the rich information contained in medical records—information that can be used for profitable health care fraud as well as all the traditional scams that stolen data can power.