Resources

Tripwire VERT Security Update
Blog

VERT Threat Alert: September 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/10/2024
Today’s VERT Alert addresses Microsoft’s September 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1123 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38217Windows uses the Mark of the Web (MoTW) to identify files downloaded from the Internet. This is done by setting the NTFS Zone.Identifier alternate Data...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog

VERT Threat Alert: August 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/13/2024
Today’s VERT Alert addresses Microsoft’s August 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1119 as soon as coverage is completed.In-The-Wild & Disclosed CVEsCVE-2024-38178CVE-2024-38178 describes a vulnerability in the Microsoft Edge scripting engine when run in Internet Explorer Mode. On top of requiring Edge be running in...
Vulnerability & Risk Management
VERT Research
Fortra Webinar
On-Demand Webinar

FIM Isn’t Just for Files Anymore

Mon, 08/05/2024
File integrity monitoring was invented by Tripwire’s founder over 25 years ago and has evolved over time to become one of the most important security controls — so critical, in fact, that it’s required by major compliance standards like the Payment Card Industry Data Security Standard (PCI DSS). But what a lot of cybersecurity professionals aren’t familiar with is how FIM has expanded to include a...
File Integrity & Change Monitoring
Tripwire VERT Security Update
Blog

VERT Threat Alert: July 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/09/2024
Today’s VERT Alert addresses Microsoft’s July 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1114 as soon as coverage is completed. In-The-Wild & Disclosed CVEsCVE-2024-38112A vulnerability in the Windows MSHTML Platform could allow spoofing to occur. Successful exploitation of this vulnerability requires that the attacker convince...
Vulnerability & Risk Management
VERT Research
integrity
Blog

Integrity and FIM: It’s More than Just Data Security

By Jeff Moline on Tue, 06/18/2024
Integrity is a vital component of any cybersecurity policy, making up one-third of the CIA Triad. However, until recently, the industry has had a limited understanding of the term, using it primarily in the context of data security. Integrity means so much more than this principle alone: it impacts every facet of an information system and can drive an organization's entire security program. ...
Cybersecurity
File Integrity & Change Monitoring
Tripwire VERT
Blog

VERT Threat Alert: June 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/11/2024
Today’s VERT Alert addresses Microsoft’s June 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1110 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2023-50868 The only disclosed vulnerability we have this month, is CVE-2023-50868, a DNSSEC protocol level vulnerability that can lead to denial of service. The...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog

VERT Threat Alert: May 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/14/2024
Today’s VERT Alert addresses Microsoft’s May 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1106 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-30040 Up first this month, we have a security feature bypass in MSHTML. More specifically, we have an Object...
Vulnerability & Risk Management
VERT Research
Datasheet

What Makes Fortra’s Tripwire Different

Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a profusion of vendors...
Vulnerability & Risk Management
Cybersecurity
Compliance
File Integrity & Change Monitoring
Incident Detection & Investigation
Industrial Control Systems
IT Security Operations & Asset Discovery
Managed Security Services
Security Configuration Management
Know Thyself and Thy Network
Blog

Know Thyself and Thy Network

By Chris Hudson on Wed, 01/10/2024
The shifting sands of IT make the adage "you never know it all" ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little something about everything. I was a young man with a voracious reading appetite and an active imagination – both of which were thoroughly outpaced by...
Cybersecurity
File Integrity & Change Monitoring
On-Demand Webinar

Demystifying Vulnerability Management: Cutting Through the Noise

Wed, 10/18/2023
Vulnerability management (VM) is an essential cybersecurity control to discover, profile, and assess vulnerability risk so security teams can act quickly to close attack vectors. Over the years the lines have blurred a little regarding which cybersecurity practices fall under the VM classification. Watch this on-demand webinar to learn the basics of VM and how...
Vulnerability & Risk Management
Datasheet

Tripwire Services Comparison Datasheet

Not all organizations have the internal resources necessary to manage their cybersecurity and compliance solutions in-house. This may seem like a roadblock to those who see the greater potential of their solutions and want to do more to reach their goals but cannot expand their technical teams due to the high demand for qualified candidates or budgetary limitations. However, the services available...
Managed Security Services
Tripwire Products: Quick Reference Guide
Blog

Tripwire Products: Quick Reference Guide

By Megan Freshley on Mon, 05/15/2023
Here at The State of Security, we cover everything from breaking stories about new cyberthreats to step-by-step guides on passing your next compliance audit. But today we’d like to offer a straight-forward roundup of Fortra's Tripwire product suite. Get to know the basics of Tripwire’s core solutions for file integrity monitoring (FIM), security...
Datasheet

Tripwire NERC CIP Report Catalog

Fortra’s Tripwire NERC CIP Solution Suite is an advanced offering that augments Tripwire’s tools for meeting 23 of NERC CIP’s 44 requirements. The Tripwire NERC CIP Solution Suite allows you to achieve and maintain NERC CIP compliance with high efficacy and reduced effort. This suite includes continuous monitoring of cyber assets, automated assessment of security, and audit-ready evidence with...
Industrial Control Systems
How FIM Protects Assets in a Borderless World
Blog

How FIM Protects Assets in a Borderless World

By Tripwire Guest Authors on Mon, 12/19/2022
Recent advancements in the digital landscape have led to a new kind of paradigm, one where enterprise perimeters are no longer clearly defined or limited. The rapid uptake of remote working, cloud, and IoT led to these prominent shifts, resulting in users, applications, and data no longer residing exclusively within the perimeters of the enterprise....
Cybersecurity
File Integrity & Change Monitoring
Integrity Monitoring Use Cases: Compliance
Blog

Integrity Monitoring Use Cases: Security

By David Bruce on Thu, 11/03/2022
Compliance is an essential aspect of every organization, and in business terms, it entails ensuring that organizations of all sizes, and their personnel, comply with national and international regulations, such as GDPR, HIPAA, and SOX. When guaranteeing compliance, many firms frequently overlook security. Gary Hibberd states that compliance...
Compliance
File Integrity & Change Monitoring
Why Law Firms Should Use Integrity Monitoring to Maintain Confidentiality
Blog

Why Law Firms Should Use Integrity Monitoring to Maintain Confidentiality

By Tripwire Guest Authors on Mon, 10/24/2022
Law firms owe their clients several types of duties, such as the duty of care, duty to provide competent representation, as well as other ethical responsibilities. Their duties even extend to former clients and must be upheld long after they no longer have a formal attorney-client relationship. More specifically, lawyers have a duty to not disclose...
File Integrity & Change Monitoring
Integrity Monitoring Use Cases: Compliance
Blog

Integrity Monitoring Use Cases: Compliance

By David Bruce on Wed, 10/19/2022
What is File Integrity Monitoring? The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations of those assets. In...
Compliance
PCI DSS
File Integrity & Change Monitoring
Datasheet

Tripwire and LinkShadow

LinkShadow integrates with Tripwire solutions to complete the full cycle of behavioral analytics and threat hunting, providing the combined benefits of Tripwire’s file integrity monitoring (FIM) technology and proactive threat detection. Next Generation Cybersecurity Analytics LinkShadow® Cyber Security Analytics Platform is designed to manage threats in real time. It utilizes AI based machine...
Datasheet

Tripwire Vulnerability Risk Metrics

A vulnerability management program should provide a series of metrics that outline the vulnerability risk to the organization and how the risk posture is trending. In addition to this, reports should be provided which show system owners which vulnerabilities pose the greatest risk to the organization and how to remediate them. This report outlines recommendations for vulnerability management...
Vulnerability & Risk Management
Datasheet

Tripwire Vulnerability Scoring System

Vulnerability and Risk Analysis Measuring and managing the security risk associated with information and information technology remains one of the most challenging and debated problems faced by all levels of an organization. While scoring standards designed to assist with solving this problem have been developed over the past decade, a select few have accomplished this and those that have are...
Vulnerability & Risk Management