-
Tyler Reguly
Guide
What Experts Have to Say About Choosing the Right Cybersecurity Frameworks
Frameworks like the Center for Internet Security (CIS) Controls, MITRE ATT&CK and the National Institute of Standards and Technology (NIST) Cybersecurity Framework give organizations clear, step-by-step methodologies for protecting their sensitive data, leveraging a wealth of industry knowledge to take the guesswork out of your security program.
While these cybersecurity...
Guide
Staying Current With the Transportation Security Administration’s Oil and Gas Security Directives
Escalating cyberthreats in the oil and gas industry underscore the need for substantial collaboration between public and private sectors to mitigate this national security risk, and much of this responsibility falls on the shoulders of individual pipeline operators who need to comply with the Transportation Security Administration (TSA) Security Directive.
Despite being best...
-
Steven Sletten
Guide
How Managed Services Can Help With Cybersecurity Compliance
Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance.
...
Guide
PCI DSS Resource Toolkit
PCI DSS Resources for Seamless Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is one of the most widely applied regulatory compliance standards, meaning thousands of organizations can benefit from streamlining their compliance programs to avoid audit fines and protect cardholder data.
Fortra’s Tripwire is an authority on how to achieve continuous,...
Guide
Insider Insights for the PCI DSS 4.0 Transition
Is your organization ready for the new PCI DSS 4.0 Standard? If you’re already compliant with the most recent version of the Payment Card Industry Data Security Standard (PCI DSS), you’ve probably already begun transitioning to version 4.0 ahead of the upcoming deadline. To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic...
Guide
Getting in Control of Financial Services Cybersecurity Regulations
Organizations in the financial sector are all too aware that their industry continues to be one of the top targets for cyber criminals. Among financial services and insurance organizations, the leading cause of breaches is system intrusion. That’s why so many cybersecurity compliance regulations have sprung up to ensure systems are kept hardened against attack.
This guide will...
Guide
PCI DSS 4.0 Compliance
Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements...
Guide
Beyond the Basics: Tripwire Enterprise Use Cases
Security, compliance, and IT operations leaders need a powerful and effective way to accurately identify security misconfigurations and indicators of compromise. Explore the many ways Tripwire Enterprise can protect your organization with superior security and
continuous compliance.
Product Video
How Tripwire Helped Walgreens Take a Proactive Approach to Security
Mon, 08/15/2022
Walgreens, founded in 1901, is one of the largest pharmacy companies in the U.S., handling online and in-store sales as well as processing the prescription needs of millions of customers. It needed a security solution that would give them an integrated, all-up view into its IT ecosystem. Its Tripwire ExpertOps solution has given the company a much more proactive view and...
Product Video
AAA: Getting Roadside Assistance from Tripwire
Mon, 08/15/2022
Tim Masey, Director of Enterprise Information Security at AAA, shared his company’s PCI journey: beginning with a small implementation of Tripwire, then running into roadblocks by Management for the expansion of products, and eventually moving forward with the implementation of Tripwire’s policy driven dashboards, rules and tasks for over 500 servers.
Guide
What Is CPS 234 and Who Needs to Comply with It?
In November 2018, the Australian Prudential Regulation Authority (APRA) released the Prudential Standard CPS 234 in direct response to the escalating attack landscape in the financial sector. APRA has understood these threats to be the direct result of banking services moving to more complex and heavily used digital platforms. The new standard emerged as an offshoot to the...
Guide
How Finance Companies Bank on Tripwire ExpertOps
Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems....
Guide
Multi-Cloud Security Best Practice Guide
When you opt to use multiple cloud providers, you’re implementing a multi-cloud strategy. This practice is increasingly common, and can refer to mixing SaaS (software as a service) and PaaS (platform as a service) offerings as well as public cloud environments that fall under the IaaS (infrastructure as a service) category. The most common public cloud environments today are...
Guide
Sustaining SOX Compliance Through Automation Using COBIT Framework
Achieving compliance with the Sarbanes-Oxley Act (SOX) can be a monumental effort. Maintaining those controls and audit reporting on an ongoing basis can be even more difficult. The SEC recommends automated controls for more efficient and effective compliance results.
This white paper details the SOX requirements that are best addressed by automated controls using the COBIT...
Guide
Five Critical Steps of a Complete Security Risk and Compliance Lifecycle
Maintaining security and compliance in today’s ever changing environment is a never ending task. To manage that task, the most successful companies adopt a systematic approach that promotes continuous improvement.
Tripwire is a leading provider of enterprise-class foundational controls for security, compliance and IT operations. Tripwire worked with its most successful...
Guide
Six Security Controls to Prevent Your Cloud from Getting Hacked
There’s a common misconception that cloud providers handle cybersecurity for you. The truth is, cloud providers use a “shared responsibility model”. They protect underlying Cloud infrastructure, but leave protection of Cloud-deployed assets and data up to you.
To help meet this need, the Center for Internet Security (CIS) has created the CIS Amazon Web Services Foundations...
Guide
Survey: Securing Public Cloud Infrastructure
Do you have a centralized view of your organization’s security posture and policy compliance across all cloud accounts? A Tripwire and Dimensional Research survey conducted in 2021 found that only 21 percent of security professionals could answer “yes.”
The survey included more than 300 cybersecurity professionals who are directly responsible for the security of public cloud...