Resources

An Introduction to the State and Local Cybersecurity Grant Program
Blog

An Introduction to the State and Local Cybersecurity Grant Program (SLCGP)

By David Henderson on Wed, 10/19/2022
Cybersecurity funding in corporate environments has always been a source of anxiety for those who seek to keep organizations safe. When we examine the cybersecurity readiness of many state, local, and territorial governments, this funding struggle is taken to new heights of scarcity.Fortunately, a new program has been created by the Department of...
Cybersecurity
Compliance
Guide

Zero Trust and the Seven Tenets

Whether you are new to information security, or you’re a long-time practitioner, it seems that “zero trust” is the latest initiative at the top of everyone’s priority list. Special Publication 800-207, created by the National Institute of Standards and Technology (NIST) offers guidance for instituting a zero trust architecture. The document outlines the basic tenets that form the foundation of...
Incident Detection & Investigation
Guide

Security and Compliance for Remote Federal Workers

In response to the coronavirus ("COVID-19") pandemic, the Office of Management and Budget (OMB) made an unprecedented call for agencies to maximize telework flexibilities, resulting in 78 percent of the federal workforce working remotely. This abrupt and wide-scale shift to a remote work environment required agency security teams to adjust with little to no planning, placed a tremendous strain on...
Compliance
Guide

Survey: Retail Industry Ramps Up Cybersecurity for 2020 Holiday Season

The retail industry always has to make special preparations for the holiday season. That was especially the case this year. With Covid-19 disrupting shopping behaviors and creating a surge in online shopping, security teams at these retail organizations have had to make adjustments as well. Tripwire partnered with Dimensional Research to understand how retail organizations are adapting their...
Guide

Federal Cybersecurity: Security Fundamentals for Federal Agencies

Cybersecurity experts are urging government agencies to protect their data with up-to-date, foundational security controls, and agencies are listening. But how can they determine where exactly to focus their efforts to maximize efficiency and ensure a strong security stance? This white paper details the four key components federal agencies need in order to establish and maintain a robust security...
Guide

Essential PCI DSS v4.0 Transition Checklist

The proliferation of online transactions isn’t the only reason the PCI Council created the new 4.0 standard. Recent years have also seen increasingly sophisticated methods among cybercriminals, a surge in cloud use, and the rise of contactless payments. This spurred the need for an updated set of PCI DSS requirements, which were released in March 2022 and will become mandatory in March 2024 for...
Compliance
PCI DSS
Guide

Closing the Integrity Gap with NIST's Cybersecurity Framework

When the National Institute of Standards and Technology (NIST) announced that it had released its new Cybersecurity Framework in 2014, it appeared on the surface to be just one more option for organizations looking to develop a cohesive and effective cyber risk management strategy. Indeed, there are dozens of choices available and organizations have been all over the map when it comes to deciding...
Compliance
Datasheet

Host Based Security System (HBSS) Integration

The Host based Security System (HBSS) is a suite of products that the Department of Defense (DoD) mandated for use within the DoD Enterprise Network in early 2007. The intent was that DoD organizations would use it to monitor, detect, and prevent successful attacks against the department’s systems and networks. On the surface, the concept of HBSS is a solid one: a consistent, single IT security...
Datasheet

The Government’s One-Stop Shop for Federal Policy Compliance

Federal security professionals are tasked with protecting agencies against attacks, detecting threats, identifying vulnerabilities, and hardening configurations while simultaneously demonstrating that critical systems are in compliance. Each of these complex processes must be executed with limited time and resources. In an ideal environment, an agency’s security solutions would enable personnel to...
Datasheet

CMMC Compliance with Tripwire

The U.S. Department of Defense (DoD) is implementing the Cybersecurity Maturity Model Certification (CMMC) program to standardize the level of cybersecurity implemented throughout its 300,000 suppliers. In practice, this means that every member of the Defense Industrial Base (DIB) will be required to pass an audit in order to win DoD contracts. Tripwire Enterprise gives you out-of-the-box...
Compliance
Datasheet

Tripwire Solutions for Retail Security

A retailer’s reputation can make or break its success, and the quickest way to damage a good reputation is to compromise customer trust. Every time you as a retailer ask a customer for their personal data and credit card, the customer puts their trust on the line. Most customers assume that retailers have adequate security measures and technology in place to keep that data safe and private. ...
Datasheet

NERC CIP Compliance with Tripwire and NovaTech

Tripwire solutions protect sensitive data and assets from breaches, vulnerabilities, and threats while delivering risk visibility, business context and security business intelligence. The integration between Tripwire and Novatech’s NERC CIP Password, Configuration and Remote Access Management solution brings a consistent approach to the management, auditing and maintenance of secure configurations...
Compliance
Datasheet

Department of Defense Overview: Integrated Security Controls to Protect Your Organization

Tripwire provides an integrated suite of solutions to help solve security challenges facing organizations within today’s Department of Defense. Tripwire tools have been used within government and military organizations in both tactical and non tactical environments to ensure system hardening through security configuration management, real time threat detection with continuous monitoring, and data...
File Integrity & Change Monitoring
Datasheet

Tripwire Solutions for Federal Agencies

Tripwire has been a strategic partner to the U.S. Federal Government for over 20 years, helping thousands of federal customers improve their cybersecurity. As the pioneers of file integrity monitoring (FIM), Tripwire’s expertise is built on a history of innovation that includes over 40 patents. Teaming with parent company Belden, Tripwire also brings 100+ years of expertise and integration with...
Department of Defense logo
Case Study

Why This U.S. Military Agency Chose Tripwire Enterprise

Ensuring the cybersecurity of the U.S. Military is a unique responsibility with unique compliance requirements across a wide variety of platforms and systems. As a key component of the Federal Government’s overall data and system integrity protections, meeting the Defense Information Systems Administration Security Technical Implementation Guide (DISA STIG) file integrity monitoring (FIM)...
Case Study

Security and Compliance in Federal Agencies: 3 Tripwire Use Cases

Use Cases Ensuring compliance and minimizing Automating manual tasks and enhancing breach detection Monitoring critical assets in the public cloud Tripwire understands the security demands faced by federal government agencies. Security decision makers at these agencies aren’t only tasked with securing operations in a complex threat landscape—they also have to prove regulatory compliance at the...
Compliance
Product Video

Watch a Demo of Tripwire Enterprise

Mon, 08/15/2022
Point of sale attacks are on the rise and securing POS devices cannot be a generic effort. This video shows how Tripwire addresses POS threat protection.
Vulnerability & Risk Management
US Government warns of new malware attacks on ICS/SCADA systems
Blog

US Government warns of new malware attacks on ICS/SCADA systems

By Graham Cluley on Thu, 04/14/2022
Agencies of the US Government have issued a joint warning that hackers have revealed their capability to gain full system access to industrial control systems that might help enemy states sabotage critical infrastructure. In a joint cybersecurity advisory issued by the Department of Energy, the Cybersecurity and Infrastructure Security Agency (CISA...
Industrial Control Systems
Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure
Blog

Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

By Editorial Staff on Tue, 05/11/2021
Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to...
Industrial Control Systems