Resources

Live Webinar
The Center for Internet Security (CIS) Critical Security Controls (CSC) are a trusted source of truth in the cybersecurity community. Many organizations implement the CIS CSC framework to ensure their cybersecurity programs are functioning at peak effectiveness. The latest iteration, CIS CSC v8.1, was released earlier this year. Join Matthew Jerzewski, Cybersecurity Researcher...
Blog

Why Security Configuration Management (SCM) Matters

Security configuration management (SCM) is all about making sure your security systems do what you think they’re doing.In tennis, there is something called an unforced error. This is when a player loses points for a mistake they made themselves, not due to the skill of the other opponent. In a big way, security misconfigurations are those unforced errors on the security side or instances in which...
Blog

Preventing Breaches Using Indicators of Compromise

The story of cybersecurity involves bad actors and security professionals constantly trying to thwart each other, often using newer and more advanced measures in an attempt to outdo each other. In recent years, especially, cybercriminals have evolved to include sophisticated technology and advanced tactics in their attacks. With the increasing popularity of tools and practices like artificial...
Blog

The Importance of Layered Cybersecurity Solutions

The threat of cyberattacks is at an all-time high. In fact, research shows that worldwide cybercrime costs are anticipated to reach $10.5 trillion annually by 2025. Cybercriminals threaten all, as 43% of cyberattacks target small enterprises. The rise of these threats underscores the importance of a robust cyber defense strategy, and one key way to do that is through layered cybersecurity...
Datasheet

Tripwire Enterprise and IBM i

Many of the world's largest companies rely on IBM i operating on IBM Power Servers as their strategic platform for business-critical activities such as retail, distribution, logistics, banking, manufacturing planning, healthcare, insurance, hospitality management, government administration, and legal case management. Given the widespread use of the IBM i operating system, advanced cybersecurity...
On-Demand Webinar

PCI 4.0 is Here: Your Guide to Navigating Compliance Success

The transition period from PCI DSS 3.2.1 to 4.0 ended on March 31, 2024, a date toward which many organizations have dedicated countless hours of preparation. Looking back on that time, do you know where your compliance efforts stand now? Watch PCI experts Steven Sletten and Jeff Hall in this on-demand webinar PCI 4.0 is Here: Your Guide to Navigating Compliance Success to learn how to...
Guide

What Experts Have to Say About Choosing the Right Cybersecurity Frameworks

Frameworks like the Center for Internet Security (CIS) Controls, MITRE ATT&CK and the National Institute of Standards and Technology (NIST) Cybersecurity Framework give organizations clear, step-by-step methodologies for protecting their sensitive data, leveraging a wealth of industry knowledge to take the guesswork out of your security program.While these cybersecurity frameworks aren’t mandatory...
Guide

Staying Current With the Transportation Security Administration’s Oil and Gas Security Directives

Escalating cyberthreats in the oil and gas industry underscore the need for substantial collaboration between public and private sectors to mitigate this national security risk, and much of this responsibility falls on the shoulders of individual pipeline operators who need to comply with the Transportation Security Administration (TSA) Security Directive.Despite being best known for its role in...
On-Demand Webinar

Breaking Compliance Into Bite-Sized Portions

Which standards and regulations do you need to comply with? Most organizations have to prove compliance with multiple standards simultaneously to keep their systems secure and avoid audit fines. But it can be difficult to keep up with changing regulations, achieve continuous compliance, or even know where to start.This on-demand webinar presented by Fortra's Tripwire is designed to equip you with...
Blog

Exploring Advanced Tripwire Enterprise Capabilities

In today's digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While many of these tools are important and necessary, organizations often don't use them...
Blog

Security vs. Compliance: What's the Difference?

Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis that I was part of...
Datasheet

What Makes Fortra’s Tripwire Different

Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a profusion of vendors...
On-Demand Webinar

Digging Deeper: Discover Advanced Tripwire Enterprise Capabilities

Most people know Fortra’s Tripwire Enterprise for its essential file integrity monitoring and security configuration management capabilities. But what about the more advanced use cases, like dealing with zero-day vulnerabilities or isolating specific systems when they contain a critical risk? Watch the on-demand webinar presented by Forta’s Tripwire to find out more about these unique use cases...
On-Demand Webinar

Top Security Misconfigurations to Watch Out For

Misconfigurations continue to be a leading cause of cybersecurity breaches. Luckily, you can prevent and correct them with the right knowledge and tools on your side. The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) recently released a joint cybersecurity advisory (CSA) sharing the most common misconfigurations observed by their Red and Blue team...
Guide

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide Application...
Blog

5 Tripwire Enterprise Misconfigurations to Avoid

Configuration management is vitally important as part of a sound cybersecurity strategy. We have previously published how patching alone is not enough, as that does not alter a system’s customized configuration. Misconfigurations can be as damaging to security as a deliberate attack on a system. As the manufacturer of Tripwire Enterprise (TE), we...
On-Demand Webinar

Best Practices for the PCI DSS 4.0 Countdown

The deadline for compliance with the Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements isn’t until March 31, 2024, but organizations that allow those remaining months to fly by without adequate preparation may face last-minute PCI panic. The best approach is to steadily reach key milestones so you’ll be fully prepared when the deadline arrives. Watch the on-demand webinar...
Datasheet

NCA Compliance with Fortra

The National Cybersecurity Authority (NCA) is the government entity in charge of cybersecurity in Saudi Arabia, encompassing both regulatory and operational functions related to cybersecurity. National Cybersecurity Authority Essential Cybersecurity Controls The NCA works closely with public and private entities to improve the cybersecurity posture of the country in order to safeguard its vital...
Datasheet

Achieving NIA Compliance with Fortra

The National Information Assurance (NIA) Policy provides organizations with the necessary cybersecurity foundation and the relevant tools to enable the implementation of a full-fledged Information Security Management System. Keeping sensitive data and assets safe is the goal of regulatory cybersecurity frameworks such as the NIA. The NIA policy guides organizations in classifying the impact of...
On-Demand Webinar

Expert Compliance Automation Tips for Financial Services

Cybersecurity compliance standards like the Payment Card Industry Data Security Standard (PCI DSS) and Society for Worldwide Interbank Financial Telecommunications (SWIFT) do an excellent job of hardening systems against breaches. This is especially important in the financial services sector, a common target for cybercriminals. This on-demand webinar presented by Senior Solutions Engineer Dan...