Understanding security risk on the global enterprise network is essential to comprehensive IT vulnerability management (VM). But there are several hurdles your VM program must overcome, like the high rate of change on enterprise networks, the constantly changing threat environment and increased focus on internal and regulatory compliance. The solution is Tripwire® IP360™, the leading vulnerability...

Vulnerability management solutions are only valuable when they help you prioritize your efforts effectively. Fortra’s Tripwire® IP360™ is an enterprise-class vulnerability management solution that enables cost-effective reduction of cyberthreat risk by focusing your remediation efforts on the highest risks and most critical assets. The solution is built upon a scalable architecture that delivers...

Your Tripwire implementation captures data from thousands of systems with millions of unique elements. Figuring out which configurations, security events or changes need your attention can distract from more strategic business tasks—or from using the valuable intelligence it provides to manage IT risk throughout your enterprise. So if you’d like to spend more time managing your business and less...

The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, cyber threats, and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting, and storing credit card data to minimize the theft...

There isn’t an industry that hasn’t been affected by cyber threats, and the broadcast industry is no exception. In April 2015, France’s TV5Monde was attacked, resulting in eleven of its channels going dark and its social media outlets commandeered to display pro-Islamic State messages. This was preceded by an attack on WBOC in Salisbury, Maryland, where their Twitter account and website were...

The recently enacted European Union General Data Protection Regulation (GDPR) requires organizations to take adequate measures to ensure the security and privacy of personal data of any European citizen. This supersedes the previous Data Protection directive. As a regulation—as opposed to a mere directive—it directly imposes a uniform data security law regime on organizations that need to comply...

The trend of mass migration to the cloud brings benefits like lower operating costs, easier deployability, and the flexibility of an elastic environment. However, it’s crucial to understand that the responsibility to secure your cloud infrastructure still falls on your organization. Cloud providers allow organizations to take advantage of their infrastructure, resulting in a shared model for...

North American electric utility companies constantly balance the need to be audit-ready for NERC CIP compliance against their top priority: ensuring the reliability of the bulk electric system. NERC CIP compliance, especially when approached using manual methods, is complex, time-consuming, and prone to human error. Further, NERC CIP requirements often infer security skill sets beyond those of...

Over the past several years, the number of known vulnerabilities has grown drastically, and has continued to challenge security and operations teams to keep pace with the continuing flow of new security advisories. One of the biggest problems is accurately determining which vulnerabilities present the greatest risk to prioritize remediation efforts. Most vulnerability management tools use crude...