Resources

Blog

Why Security Configuration Management (SCM) Matters

Security configuration management (SCM) is all about making sure your security systems do what you think they’re doing.In tennis, there is something called an unforced error. This is when a player loses points for a mistake they made themselves, not due to the skill of the other opponent. In a big way, security misconfigurations are those unforced errors on the security side or instances in which...
Blog

Preventing Breaches Using Indicators of Compromise

The story of cybersecurity involves bad actors and security professionals constantly trying to thwart each other, often using newer and more advanced measures in an attempt to outdo each other. In recent years, especially, cybercriminals have evolved to include sophisticated technology and advanced tactics in their attacks. With the increasing popularity of tools and practices like artificial...
Blog

The Importance of Layered Cybersecurity Solutions

The threat of cyberattacks is at an all-time high. In fact, research shows that worldwide cybercrime costs are anticipated to reach $10.5 trillion annually by 2025. Cybercriminals threaten all, as 43% of cyberattacks target small enterprises. The rise of these threats underscores the importance of a robust cyber defense strategy, and one key way to do that is through layered cybersecurity...
Datasheet

Tripwire Enterprise and IBM i

Many of the world's largest companies rely on IBM i operating on IBM Power Servers as their strategic platform for business-critical activities such as retail, distribution, logistics, banking, manufacturing planning, healthcare, insurance, hospitality management, government administration, and legal case management. Given the widespread use of the IBM i operating system, advanced cybersecurity...
On-Demand Webinar

FIM Isn’t Just for Files Anymore

File integrity monitoring was invented by Tripwire’s founder over 25 years ago and has evolved over time to become one of the most important security controls — so critical, in fact, that it’s required by major compliance standards like the Payment Card Industry Data Security Standard (PCI DSS). But what a lot of cybersecurity professionals aren’t familiar with is how FIM has expanded to include a...
Blog

Gaining Network Transparency with Asset Discovery and Compliance for IT/OT

I recently came across the "Johari Window Model" and thought this would be a good way to gain inspiration to explain the conundrum faced by many cybersecurity customers. The table below shows us the breakdown of the stages that are applicable not just to IT and OT environments but also to other facets of our daily lives. This model can be applied...
Blog

Integrity and FIM: It’s More than Just Data Security

Integrity is a vital component of any cybersecurity policy, making up one-third of the CIA Triad. However, until recently, the industry has had a limited understanding of the term, using it primarily in the context of data security. Integrity means so much more than this principle alone: it impacts every facet of an information system and can drive an organization's entire security program. ...
Guide

What Experts Have to Say About Choosing the Right Cybersecurity Frameworks

Frameworks like the Center for Internet Security (CIS) Controls, MITRE ATT&CK and the National Institute of Standards and Technology (NIST) Cybersecurity Framework give organizations clear, step-by-step methodologies for protecting their sensitive data, leveraging a wealth of industry knowledge to take the guesswork out of your security program.While these cybersecurity frameworks aren’t mandatory...
Blog

What Is an Axon Agent, and Why Do You Need One?

The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these...
Blog

Exploring Advanced Tripwire Enterprise Capabilities

In today's digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While many of these tools are important and necessary, organizations often don't use them...
Blog

Security vs. Compliance: What's the Difference?

Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis that I was part of...
Datasheet

What Makes Fortra’s Tripwire Different

Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a profusion of vendors...
On-Demand Webinar

Digging Deeper: Discover Advanced Tripwire Enterprise Capabilities

Most people know Fortra’s Tripwire Enterprise for its essential file integrity monitoring and security configuration management capabilities. But what about the more advanced use cases, like dealing with zero-day vulnerabilities or isolating specific systems when they contain a critical risk? Watch the on-demand webinar presented by Forta’s Tripwire to find out more about these unique use cases...
Blog

Know Thyself and Thy Network

The shifting sands of IT make the adage "you never know it all" ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little something about everything. I was a young man with a voracious reading appetite and an active imagination – both of which were thoroughly outpaced by...
On-Demand Webinar

Top Security Misconfigurations to Watch Out For

Misconfigurations continue to be a leading cause of cybersecurity breaches. Luckily, you can prevent and correct them with the right knowledge and tools on your side. The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) recently released a joint cybersecurity advisory (CSA) sharing the most common misconfigurations observed by their Red and Blue team...
Guide

What Cybersecurity Pros Think of Zero Trust Today

Zero trust isn’t a new model, but its influence on the cybersecurity industry has strengthened over time since 1994. Zero trust became especially top-of-mind a few years ago when remote work and cloud services took off, prompting organizational leaders to rethink the way they enforced cybersecurity controls in an increasingly perimeter-less world. Is zero trust just another cybersecurity buzzword...
Guide

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide Application...
On-Demand Webinar

Expert Compliance Automation Tips for Financial Services

Cybersecurity compliance standards like the Payment Card Industry Data Security Standard (PCI DSS) and Society for Worldwide Interbank Financial Telecommunications (SWIFT) do an excellent job of hardening systems against breaches. This is especially important in the financial services sector, a common target for cybercriminals. This on-demand webinar presented by Senior Solutions Engineer Dan...
Guide

5 Things Your FIM Solution Should Do for You

File integrity monitoring (FIM) is a critical security control that helps organizations detect system changes in real-time that indicate impacts to compliance and potential cybersecurity incidents, empowering teams to respond rapidly. FIM is required by many major compliance standards such as North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), the...