Resources
Guide

Detailed Mapping of the Tripwire and CIS Controls

The goal of the Center for Internet Security Controls is to protect critical assets, infrastructure and information by strengthening your organization's defensive posture through continuous, automated protection and monitoring of your IT infrastructure. The strength of the Controls is that it reflects the combined knowledge of actual attacks and effective defenses from experts...
Industrial Control Systems
Guide

Integrity: The True Measure of Enterprise Security

Federal cybersecurity integrity is often defined as the incorruptibility of data (as part of the CIA triad), and file integrity monitoring (FIM), a control which has become a compliance requirement in standards such as FISMA and PCI DSS. Read the full white paper to learn more.
File Integrity & Change Monitoring
Guide

File integrity Monitoring (FIM) for Comprehensive Integrity Management

Shifting language can be difficult, but it’s more appropriate to talk about Integrity Management in regards to today’s technology landscape. Integrity Management provides an umbrella approach to managing risk in an environment. There are four basic steps to ensuring integrity: Secure deployment System baseline Change monitoring Change remediation This white paper will...
File Integrity & Change Monitoring
Guide

Closing the Integrity Gap with NIST's Cybersecurity Framework

When the National Institute of Standards and Technology (NIST) announced that it had released its new Cybersecurity Framework in 2014, it appeared on the surface to be just one more option for organizations looking to develop a cohesive and effective cyber risk management strategy. Indeed, there are dozens of choices available and organizations have been all over the map when...
Compliance
Guide

How to Achieve Compliance with the NIS Directive

Network and information systems (NIS) and the essential functions they support play a vital role in society from ensuring the supply of electricity, water, oil and gas to the provisioning of healthcare and the safety of passenger and freight transport. In addition, computerized systems are performing vital safety-related functions designed to protect human lives. For example,...
Compliance
Guide

Actionable Threat Intelligence: Automated IoC Matching with Tripwire

A key security challenge is finding and rooting out malware that has already become embedded on key assets. Organizations today have myriad threat intelligence sources to leverage. However, simply getting the intelligence into your organization is not enough. Unless you have a way to operationalize myriad threat intelligence sources to make it actionable and useful, threat...
Incident Detection & Investigation
Guide

9 Steps for Maturing Beyond Checkbox Compliance

A common mistake many organizations make is approaching cybersecurity as a series of actions taken in order to check the right compliance boxes. If this sounds familiar, it’s likely that you’ve witnessed something similar to the cycle of crisis-driven audit preparation, a suspenseful audit, remediating based on those findings, and waiting until the next hurried audit...
Compliance
Navigating Industrial Cybersecurity Thumb
Guide

Navigating Industrial Cybersecurity: A Field Guide

Nearly every aspect of modern life depends on industrial control systems (ICS) operating as expected. As ICS devices become increasingly connected, they also become increasingly vulnerable. By and large, commercial and critical infrastructure industrial orgs are underprepared for the digital convergence of their IT and OT environments. ICS operators need to get a robust...
Cybersecurity
Industrial Control Systems