-
Tyler Reguly
-
Steven Sletten
Blog
Security vs. Compliance: What's the Difference?
By Anthony Israel-Davis on Thu, 04/04/2024
Image
Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together.
As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis...
Datasheet
What Makes Fortra’s Tripwire Different
Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a...
Datasheet
NCA Compliance with Fortra
The National Cybersecurity Authority (NCA) is the government entity in charge of cybersecurity in Saudi Arabia, encompassing both regulatory and operational functions related to cybersecurity.
National Cybersecurity Authority Essential Cybersecurity Controls
The NCA works closely with public and private entities to improve the cybersecurity posture of the country in order to...
Datasheet
Achieving NIA Compliance with Fortra
The National Information Assurance (NIA) Policy provides organizations with the necessary cybersecurity foundation and the relevant tools to enable the implementation of a full-fledged Information Security Management System. Keeping sensitive data and assets safe is the goal of regulatory cybersecurity frameworks such as the NIA.
The NIA policy guides organizations in...
Blog
Tripwire & Towerline: Easing the burden of the NERC CIP audit process
By Tripwire Guest Authors on Tue, 12/20/2022
Image
When we speak of necessary evils, some images readily spring to mind. A dental appointment, automobile insurance, and many others. In cybersecurity, audits fit this image quite well. There are many uncomfortable aspects of audits, including the need to maintain accurate records, as well as finding the time to perform all the...
Blog
Security Configuration Management Use Cases: Policy Monitoring for Security
By David Bruce on Wed, 11/23/2022
Image
In the business world, compliance means making sure that companies of all sizes are meeting the standards set by regulatory or oversight groups in various laws and standards, such as HIPAA, PCI DSS, SOX, and GDPR. Sometimes, an organization will self-impose its compliance by adhering to guidance and frameworks from organizations...
Blog
Integrity Monitoring Use Cases: Compliance
By David Bruce on Wed, 10/19/2022
Image
What is File Integrity Monitoring?
The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations...
Datasheet
The Egypt Financial Cybersecurity Framework
Central Bank of Egypt (CBE) identified key areas of focus to tailor a cybersecurity framework to the unique requirements of the Egyptian financial sector. This framework will serve as the foundational guidance for cybersecurity capability development within this critical sector. This is the kick-off of a larger-scale effort by the CBE to build a robust and sustainable...
Datasheet
The Tripwire NERC CIP Solution Suite
The North American Electric Reliability Corporation (NERC) maintains comprehensive reliability standards that define requirements for planning and operating the bulk electric system (BES). Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which specify a minimum set of controls and processes for power generation and transmission companies to...
Datasheet
IRS 1075 Compliance Solutions with Tripwire
The IRS 1075 publication lays out a framework of compliance regulations to ensure federal tax information (FTI) is treated with adequate security provisioning to protect its confidentiality. This may sound simple enough, but IRS 1075 puts forth a complex set of managerial, operational and technical security controls you must continuously follow in order to maintain ongoing...
Datasheet
The National Cybersecurity Authority (NCA) Compliance with Tripwire Enterprise
The National Cybersecurity Authority (NCA) is the government entity in charge of cybersecurity in Saudi Arabia, encompassing both regulatory and operational functions related to cybersecurity.
National Cybersecurity Authority Essential Cybersecurity Controls
The NCA works closely with public and private entities to improve the cybersecurity posture of the country in order...
Datasheet
National Information Assurance (NIA) Certification with Tripwire Enterprise
Keeping sensitive data and assets safe is the goal of regulatory cybersecurity frameworks such as the NIA. The National Information Assurance Policy provides organizations with the necessary foundation and the relevant tools to enable the implementation of a full-fledged Information Security Management System.
The NIA policy guides organizations in classifying the impact of...
Datasheet
Implementing FISMA SI-7
To enhance your Federal Information Security Management Act (FISMA) compliance grade, you must implement one of the most challenging controls in NIST SP 800-53: the Controls, Family: System Information & Integrity (SI) 7 requirement. SI-7 states that organizations must employ automated and centrally managed integrity verification tools to detect unauthorized change. This level...
Datasheet
The Tripwire HIPAA Solution
The United States Health Insurance Portability and Accountability Act of 1996, or HIPAA, was enacted to safeguard Protected Health Information (PHI) by mandating procedures and controls to assure the public that critical and private information is controlled from loss of confidentiality, integrity or availability. With few exceptions, an organization is subject to HIPAA if it...
Datasheet
Tripwire and HITRUST
The HITRUST CSF rationalizes relevant regulations and standards (such as NIST, CIS, and HIPAA) into a single overarching security and privacy framework. Now, with Tripwire® Enterprise, organizations can automate HITRUST CSF assessment and reduce the burden of compliance.
Any organization that collects or stores personally identifiable information (PII) faces a relentless...
Datasheet
CMMC Compliance with Tripwire
The U.S. Department of Defense (DoD) is implementing the Cybersecurity Maturity Model Certification (CMMC) program to standardize the level of cybersecurity implemented throughout its 300,000 suppliers. In practice, this means that every member of the Defense Industrial Base (DIB) will be required to pass an audit in order to win DoD contracts. Compliance for a small number of...
Datasheet
Tripwire Enterprise and Cisco AMP Threat Grid
Overview
There is mounting concern at the senior executive and board level regarding cybersecurity, driven by highly visible advanced targeted attacks. These attacks threaten precious IP, valuable customer information, company valuation and trade secrets. To truly protect valuable resources, organizations have to accept the nature of modern networked environments and devices,...
Datasheet
Automated TISAX Compliance
TISAX, the Trusted Information Security Assessment Exchange, is a mandatory compliance requirement for companies that touch any point of the German automotive supply chain. Its industry-wide enforcement applies to auto manufacturers and OEMs (original equipment manufacturers), but reaches further to encompass development and procurement departments as well: Even if your company...