Resources

Department of Defense logo
Case Study

Why This U.S. Military Agency Chose Tripwire Enterprise

Ensuring the cybersecurity of the U.S. Military is a unique responsibility with unique compliance requirements across a wide variety of platforms and systems. As a key component of the Federal Government’s overall data and system integrity protections, meeting the Defense Information Systems Administration Security Technical Implementation Guide (DISA STIG) file integrity monitoring (FIM)...
Case Study

Payment Processor for Businesses

As a recognized leader in the payment processing sector, this company offers its clients hundreds of secure payment methods across multiple platforms, around the globe. Onan average day it processes tens of millions of mobile, online and in-store transactions in 100+ currencies.After experiencing a security incident that was quickly contained, the company took the opportunity to revamp its entire...
Compliance
PCI DSS
Testing Banking Website Security: What You Need to Know
Case Study

Major Banking Institution Case Study

This multinational banking institution has been around for over 100 years, dedicated to helping a customer base of over 20 million people in countries all over the world.In order to serve such a large customer base and keep financial services at competitive rates, they’ve taken advantage of the latest in cloud technology to reduce the operating costs of their IT infrastructure and outward-facing...
Case Study

Two Large Financial Services Organizations

To remain competitive, organizations must be able to quickly adapt to support volatile business demands. For IT organizations, the unprecedented speed that images can be deployed into the cloud also brings complexity. Until the initial baseline of an image is captured, there is the potential for unauthorized modifications to pass undetected. Even without malicious intent, a seemingly insignificant...
Case Study

Security and Compliance in Federal Agencies: 3 Tripwire Use Cases

Use Cases Ensuring compliance and minimizing Automating manual tasks and enhancing breach detection Monitoring critical assets in the public cloud Tripwire understands the security demands faced by federal government agencies. Security decision makers at these agencies aren’t only tasked with securing operations in a complex threat landscape—they also have to prove regulatory compliance at the...
Compliance
Case Study

Leading Nationwide Provider of FDIC-Insured Financial Services

This nationally recognized financial solutions provider offers a set of services that enable smaller banks and other related institutions to compete with the industry’s dominant players. The company’s portfolio of FDIC-insured solutions enables its members and other key constituents to offer innovative services that otherwise might be too difficult or too costly to provide on their own.Continuous...
IT Security Operations & Asset Discovery
Case Study

Chi-X Australia Australian Equity Trading Exchange Operator

As a self-described “innovator,” Sydney-based Chi-X Australia is turning the Australiansecurities market landscape on its head. For the first time ever, Australian investors arebeing given a compelling alternative to the ASX, the country’s predominant exchangesince the mid-1980s. Chi-X has gone from a fledging startup in 2011 to now handlingregularly up to over 29% of all on-exchange equity trades...
US Government warns of new malware attacks on ICS/SCADA systems
Blog

US Government warns of new malware attacks on ICS/SCADA systems

By Graham Cluley on Thu, 04/14/2022
Agencies of the US Government have issued a joint warning that hackers have revealed their capability to gain full system access to industrial control systems that might help enemy states sabotage critical infrastructure. In a joint cybersecurity advisory issued by the Department of Energy, the Cybersecurity and Infrastructure Security Agency (CISA...
Industrial Control Systems
Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure
Blog

Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

By Editorial Staff on Tue, 05/11/2021
Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to...
Industrial Control Systems
How Tripwire Can Help U.S. Federal Agencies Implement the CIS Controls
Blog

How Tripwire Can Help U.S. Federal Agencies Implement the CIS Controls

By David Bisson on Sun, 04/11/2021
Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM Exchange exploit campaign. The SolarWinds Supply Chain Attack In mid-December 2020, the security...
Compliance
CIS Controls
Why Privacy Matters in Cybersecurity
Blog

Industrial Cybersecurity and the Florida Water Supply Attack with Dale Peterson

By Editorial Staff on Mon, 02/22/2021
Through the lens of the Florida water supply hack, Dale Peterson teaches how events like these remind us to take the necessary steps to maintain our cybersecurity. Founder and chair of S4 Events, Dale has been helping security professionals effectively and efficiently manage risk to their critical assets for over 15 years. https://open.spotify.com...
Industrial Control Systems
NCSC Active Cyber Defence Report 2019: Evidence Based Vulnerability Management
Blog

NCSC Active Cyber Defence Report 2019: Evidence Based Vulnerability Management

By Anastasios Arampatzis on Fri, 07/26/2019
On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem.The Active Cyber Defence ProgramNCSC was set up in 2016 to be the single...
Vulnerability & Risk Management
Financial services data protection: Are IT pros overconfident? Infographic
Blog

Are Financial Services IT Pros Overconfident in Data Breach Detection Skills?

Fri, 01/29/2016
Tripwire studied confidence vs. knowledge of financial services IT security pros on seven key security controls necessary to detect a data breach. For many controls IT pros believed they had the information necessary to detect a breach quickly but provided contradictory information about the specific data. ...
Vulnerability & Risk Management
Compliance
Blog

Five Men Arrested in Connection with the 2014 JPMorgan Hack

By David Bisson on Mon, 07/27/2015
In August of 2014, it was reported that a group of hackers had exploited a vulnerability in the websites of JPMorgan. After breaking into the company’s network, the attackers then allegedly staged additional attacks that were custom-made to JPMorgan’s servers, which gained them access to internal systems on which customer account data was stored. Several months later, investigators revealed that...