Resources

PCI DSS 4.0 Requirements 3 and 4
Blog
Blog

PCI DSS 4.0 Requirements – Protect Stored Account Data and Protect Cardholder Data During Transmission

By Editorial Staff on Wed, 06/07/2023
Image If someone asked you “are you protecting your data,” your initial response would probably be to clarify what they are referring to specifically, since the question is so broadly stated. You could just reply with a terse “Yes,” but that is as open-ended and nebulous as the question.  The general idea of data protection...
Compliance
How to Avoid Cybercrime While Traveling Internationally
Blog
Blog

How to Avoid Cybercrime While Traveling Internationally

By Tripwire Guest Authors on Mon, 06/05/2023
Image Traveling abroad, whether for business or leisure, brings plenty of tangible benefits to individuals and organizations. Coupled with the convenience of innovative technology at our fingertips, business professionals can achieve a lot if they spend much of their time on foreign shores. However, despite this digital evolution,...
Vulnerability & Risk Management
Cybersecurity
The Future of Driverless Cars: Technology, Security and AI
Blog
Blog

The Future of Driverless Cars: Technology, Security and AI

By Bob Covello on Mon, 06/05/2023
Image Back in 2015, we published an article about the apparent perils of driverless cars. At that time, the newness and novelty of sitting back and allowing a car to drive you to your destination created a source of criminal fascination for some, and a nightmare for others. It has been eight years since the original article was...
Vulnerability & Risk Management
Cybersecurity
Industrial Control Systems
On-Demand Webinar
On-Demand Webinar

ATT&CKing the Center for Internet Security

Thu, 06/01/2023
From the Critical Security Controls to the Community Defense Model, CIS has provided plenty of mappings that show how knowledge from MITRE ATT&CK can be integrated with their offerings. Last year, CIS went a step further, integrating mappings from MITRE ATT&CK into their Benchmarks. This provides a wealth of information to defenders, but too much information can sometimes lead...
Compliance
CIS Controls
The-Issue-of-Insider-Threats-What-you-Need-to-Know
Blog
Blog

The Issue of Insider Threats: What you Need to Know

By Tripwire Guest Authors on Wed, 05/31/2023
Image Not all Risks Become Threats Insider threats are an updated version of the wolf in sheep's clothing - the people we rely on to safeguard systems and data can sometimes be the ones who pose the greatest risk. From malicious actors to negligent employees, insider threats come in many forms and can have devastating consequences...
Vulnerability & Risk Management
Cybersecurity
Cybersecurity-Standards-in-the-Banking-Industry
Blog
Blog

Cybersecurity Standards in the Banking Industry

By David Bruce on Wed, 05/31/2023
Image Cybersecurity has risen to become a major concern for nearly every industry. With the constant stream of news about the escalating numbers of breaches, it is understandable that governments have taken a more active role by passing cybersecurity and privacy legislation. Some of the industries are not top of mind to many people....
Cybersecurity
Compliance
Guide
Guide

PCI DSS Resource Toolkit

PCI DSS Resources for Seamless Compliance The Payment Card Industry Data Security Standard (PCI DSS) is one of the most widely applied regulatory compliance standards, meaning thousands of organizations can benefit from streamlining their compliance programs to avoid audit fines and protect cardholder data. Fortra’s Tripwire is an authority on how to achieve continuous,...
Compliance
PCI DSS
PCI DSS 4.0: How to Delight the Auditors
Blog
Blog

PCI DSS 4.0: How to Delight the Auditors

By Katrina Thompson on Tue, 05/30/2023
Image While we all know the actual point of PCI is vastly more far-reaching, we can’t deny that the juggernaut of PCI DSS 4.0 compliance is getting past the auditors. However, there is a right way to do it that doesn’t just check the box – it creates the underlying business operations that enable you to pass an audit any day, at any...
Compliance
Security Journeys: From Change Management to Compliance
Blog
Blog

Security Journeys: From Change Management to Compliance

By Chris Hudson on Wed, 05/17/2023
Image Zero Trust seems to no longer command the volume of articles that once set it up as a trend that promised a bright new future for security. This is in part because security is a journey. Rushed implementations and low returns often result in burnout with new technology, and generally the real work happens in the quiet stages...
Vulnerability & Risk Management
File Integrity & Change Monitoring
How to comply with PCI DSS 4.0 while juggling day-to-day tasks
Blog
Blog

How to comply with PCI DSS 4.0 while juggling day-to-day tasks

By Editorial Staff on Tue, 05/16/2023
Image In our webinar, Insights for Navigating PCI DSS 4.0 Milestones, we discuss some of the challenges organizations face as they try to comprehend the new requirements of PCI DSS 4.0. One of the questions we commonly hear is, “How do we prepare for PCI 4.0 deadlines while still maintaining day-to-day operations?” The discussion...
Compliance
Guide
Guide

Insider Insights for the PCI DSS 4.0 Transition

Is your organization ready for the new PCI DSS 4.0 Standard? If you’re already compliant with the most recent version of the Payment Card Industry Data Security Standard (PCI DSS), you’ve probably already begun transitioning to version 4.0 ahead of the upcoming deadline. To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic...
Compliance
PCI DSS
Tripwire VERT
Blog
Blog

VERT Threat Alert: May 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/09/2023
Image Today’s VERT Alert addresses Microsoft’s May 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1055 on Wednesday, May 10th. In-The-Wild & Disclosed CVEs CVE-2023-29336 Up first this month is a vulnerability reported by Avast...
Vulnerability & Risk Management
VERT Research
Supply Chain Compromise: The Risks You Need to Know
Blog
Blog

Supply Chain Compromise: The Risks You Need to Know

By Fortra Staff on Mon, 05/08/2023
Image This piece was originally published on Fortra’s AlertLogic.com Blog. Thinking about your own network isn’t enough to keep your business safe and profitable. As more buyers, sellers, and partners collaborate ever more closely across the world, supply chain IT risks are rising with no slowdown in sight. According to the Identity...
Vulnerability & Risk Management
Cybersecurity
tripwire_vert_patch_priority_index
Blog
Blog

Tripwire Patch Priority Index for April 2023

By Lane Thames on Fri, 05/05/2023
Image Tripwire's April 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft Edge. These patches resolve over 15 vulnerabilities such as spoofing, type confusion, and use after free vulnerabilities. Up next are 3 patches...
Vulnerability & Risk Management
Explaining the PCI DSS Evolution & Transition Phase
Blog
Blog

Explaining the PCI DSS Evolution & Transition Phase

By Tripwire Guest Authors on Wed, 04/26/2023
Image The boon of online business and credit card transactions in the early 90s and 2000s resulted in an increasing trend of online payment fraud. Since then, securing business and online card transactions has been a growing concern for all business and payment card companies.  The increasing cases of high-profile data breaches and...
Compliance
What is a WAF? (Web Application Firewall)
Blog
Blog

What is a WAF? (Web Application Firewall)

By Fortra Staff on Wed, 04/26/2023
Image This piece was originally published on Fortra’s AlertLogic.com Blog. A Comprehensive Guide to Understanding WAFs: How it Works, Types, and Security Models Web applications drive digital transformation, remote work, employee productivity, and consumer interactions. The ability to connect to critical applications over the...
Vulnerability & Risk Management
Cybersecurity
Root Cause Analysis for Deployment Failures
Blog
Blog

Root Cause Analysis for Deployment Failures

By Chris Hudson on Tue, 04/25/2023
Image Root Cause Analysis (RCA) is a technique used to identify the underlying reasons for a problem, with the aim of trying to prevent it from recurring in the future. It is often used in change management processes to help identify the source of any issues that arise following any modifications to a system or process. RCA is...
Vulnerability & Risk Management
Incident Detection & Investigation
The K-12 Report: A Cybersecurity Assessment of the 2021-2022 School Year
Blog
Blog

The K-12 Report: A Cybersecurity Assessment of the 2021-2022 School Year

By Katrina Thompson on Mon, 04/24/2023
Image The K-12 Report breaks down the cyber risks faced by public schools across the country and is sponsored by the CIS (Center for Internet Security) and the MS-ISAC (Multi-State Information Sharing & Analysis Center). Published “to prepare K-12 leaders with the information to make informed decisions around cyber risk”, the report...
Cybersecurity
Compliance
Guide
Guide

Getting in Control of Financial Services Cybersecurity Regulations

Organizations in the financial sector are all too aware that their industry continues to be one of the top targets for cyber criminals. Among financial services and insurance organizations, the leading cause of breaches is system intrusion. That’s why so many cybersecurity compliance regulations have sprung up to ensure systems are kept hardened against attack. This guide will...
Compliance
GDPR
PCI DSS
SOX