-
Tyler Reguly
Guide
Staying Current With the Transportation Security Administration’s Oil and Gas Security Directives
Escalating cyberthreats in the oil and gas industry underscore the need for substantial collaboration between public and private sectors to mitigate this national security risk, and much of this responsibility falls on the shoulders of individual pipeline operators who need to comply with the Transportation Security Administration (TSA) Security Directive.
Despite being best...
Blog
VERT Threat Alert: May 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 05/14/2024
Image
Today’s VERT Alert addresses Microsoft’s May 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1106 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
CVE-2024-30040
Up first this month, we have a security feature bypass in MSHTML. More specifically, we...
-
Steven Sletten
On-Demand Webinar
Breaking Compliance Into Bite-Sized Portions
Tue, 04/23/2024
Which standards and regulations do you need to comply with? Most organizations have to prove compliance with multiple standards simultaneously to keep their systems secure and avoid audit fines. But it can be difficult to keep up with changing regulations, achieve continuous compliance, or even know where to start.
This on-demand webinar presented by Fortra's Tripwire is...
Datasheet
What Makes Fortra’s Tripwire Different
Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a...
On-Demand Webinar
Demystifying Vulnerability Management: Cutting Through the Noise
Wed, 10/18/2023
Vulnerability management (VM) is an essential cybersecurity control to discover, profile, and assess vulnerability risk so security teams can act quickly to close attack vectors. Over the years the lines have blurred a little regarding which cybersecurity practices fall under the VM classification.
Watch this on-demand webinar to learn the...
On-Demand Webinar
Best Practices for the PCI DSS 4.0 Countdown
Wed, 09/27/2023
The deadline for compliance with the Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements isn’t until March 31, 2024, but organizations that allow those remaining months to fly by without adequate preparation may face last-minute PCI panic. The best approach is to steadily reach key milestones so you’ll be fully prepared when the deadline arrives.
Watch the...
Datasheet
Achieving NIA Compliance with Fortra
The National Information Assurance (NIA) Policy provides organizations with the necessary cybersecurity foundation and the relevant tools to enable the implementation of a full-fledged Information Security Management System. Keeping sensitive data and assets safe is the goal of regulatory cybersecurity frameworks such as the NIA.
The NIA policy guides organizations in...
Guide
How Managed Services Can Help With Cybersecurity Compliance
Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance.
...
Guide
Insider Insights for the PCI DSS 4.0 Transition
Is your organization ready for the new PCI DSS 4.0 Standard? If you’re already compliant with the most recent version of the Payment Card Industry Data Security Standard (PCI DSS), you’ve probably already begun transitioning to version 4.0 ahead of the upcoming deadline. To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic...
Guide
PCI DSS 4.0 Compliance
Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements...
Guide
How Finance Companies Bank on Tripwire ExpertOps
Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems....
Guide
Adjusting to the Reality of Risk Management Framework
The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security.
Image
Federal entities need to...
Datasheet
Tripwire Vulnerability Risk Metrics
A vulnerability management program should provide a series of metrics that outline the vulnerability risk to the organization and how the risk posture is trending. In addition to this, reports should be provided which show system owners which vulnerabilities pose the greatest risk to the organization and how to remediate them. This report outlines recommendations for...
Datasheet
Tripwire Vulnerability Scoring System
Vulnerability and Risk Analysis
Measuring and managing the security risk associated with information and information technology remains one of the most challenging and debated problems faced by all levels of an organization. While scoring standards designed to assist with solving this problem have been developed over the past decade, a select few have accomplished this and...
Datasheet
The Tripwire NERC CIP Solution Suite
The North American Electric Reliability Corporation (NERC) maintains comprehensive reliability standards that define requirements for planning and operating the bulk electric system (BES). Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which specify a minimum set of controls and processes for power generation and transmission companies to...
Datasheet
Tripwire IP360 Agent-Based Vulnerability Management
When should your security strategy include agent-based monitoring? It can be difficult to discern when and how to incorporate agents into your vulnerability management processes. There are several instances in which agent-based monitoring offers superior support and protection across your networks. But that doesn’t mean you need to opt for a 100 percent agent-based approach,...