Resources
Guide

Vulnerability Management Buyer's Guide

Most organizations understand the critical role that vulnerability management (VM) plays in helping them meet compliance requirements, ensure security and reduce risk. However, many organizations discover, only after investing in a solution, that it doesn’t properly address their needs. Avoiding this costly mistake can be difficult though, because at first glance many VM solutions appear similar. ...
Vulnerability & Risk Management
Guide

Climbing Vulnerability Management Mountain

Building your organization’s vulnerability management program is a daunting yet rewarding journey, similar to climbing a mountain. Doing this takes time, planning and hard work, but will be worth it when you get to the top. To help you take on this challenge, Tripwire has outlined the five maturity levels you will use as your guide when building your program. Learn about how you can minimize risk...
Vulnerability & Risk Management
Guide

Tripwire State of Cyber Hygiene Report

Tripwire’s State of Cyber Hygiene report reveals the results of an extensive cybersecurity survey conducted in partnership with Dimensional Research. The survey examined if and how organizations are implementing security controls that the Center for Internet Security (CIS) refers to as "Cyber Hygiene." Real-world breaches and security incidents prove over and over again that many of the most...
Security Configuration Management
Vulnerability & Risk Management
Guide

Five Critical Steps of a Complete Security Risk and Compliance Lifecycle

Maintaining security and compliance in today’s ever changing environment is a never ending task. To manage that task, the most successful companies adopt a systematic approach that promotes continuous improvement. Tripwire is a leading provider of enterprise-class foundational controls for security, compliance and IT operations. Tripwire worked with its most successful customers to understand...
Vulnerability & Risk Management
Compliance
Guide

Tripwire 2020 Skills Gap Survey

The skills gap remains one of the biggest challenges within the cybersecurity industry. To gain more perspective on what organizations are experiencing, Tripwire partnered with Dimensional Research to survey 342 security professionals on this issue. This study explores hiring trends, how security teams are changing, and how they plan to address the issue in the face of growing cyber threats. ...
Managed Security Services
Guide

Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls

The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s security and compliance...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NIST
PCI DSS
Guide

Getting Up to Speed on GDPR

Search online for the phrase “data is the new oil” and you’ll see it’s used by (and attributed to) many people. Data is a precious and highly valuable commodity. Data is the fuel pumping through today’s digital business, powering communications and commerce. Organizations the world over are mining data to turn raw information into real insight—to drive sales and grow their business. ...
Compliance
GDPR
Guide

Governance, Risk, and Compliance

Governance, Risk & Compliance, or Generating Real Capability! How do we use GRC as a business enabler, and focus on the benefits it brings?
Vulnerability & Risk Management
Compliance
Guide

Adjusting to the Reality of Risk Management Framework

The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security. Federal entities need to understand and utilize RMF as...
Vulnerability & Risk Management
Guide

Building a Mature Vulnerability Management Program

A successful vulnerability management program requires more than the right technology. It requires dedicated people and mature processes. When done properly, the result can be a continuously improving risk management system for your organization. This white paper was written by CISSP-certified Tripwire system engineers with extensive experience in implementation of vulnerability management...
Vulnerability & Risk Management
Datasheet

Tripwire Vulnerability Risk Metrics

A vulnerability management program should provide a series of metrics that outline the vulnerability risk to the organization and how the risk posture is trending. In addition to this, reports should be provided which show system owners which vulnerabilities pose the greatest risk to the organization and how to remediate them. This report outlines recommendations for vulnerability management...
Vulnerability & Risk Management
Guide

The Five Stages of Vulnerability Management Maturity

One key element of an effective information security program within your organization is having a good vulnerability management (VM) program, as it can identify critical risks. Most, if not all, regulatory policies require a VM program, and information security frameworks advise implementing VM as one of first things an organization should do when building their information security program. ...
Vulnerability & Risk Management
Datasheet

Calculating the ROI of a Vulnerability Management Program

Return on investment on IT security infrastructure purchases (solutions and products) has traditionally been hard to quantify. However, there are some compelling aspects of securing an organization’s infrastructure that can be identified and quantified. This discipline will continue to evolve as organizations focus on managing and balancing their security expenses and strive to control the...
Vulnerability & Risk Management
Datasheet

Tripwire Vulnerability Scoring System

Vulnerability and Risk Analysis Measuring and managing the security risk associated with information and information technology remains one of the most challenging and debated problems faced by all levels of an organization. While scoring standards designed to assist with solving this problem have been developed over the past decade, a select few have accomplished this and those that have are...
Vulnerability & Risk Management
Datasheet

Tripwire Vulnerability Intelligence

There’s not enough time in the day to investigate every system change and remediate every vulnerability. Ever-evolving capabilities of cyber adversaries—coupled with the dynamic nature of corporate networks— makes security prioritization increasingly difficult. With Tripwire® Enterprise and Tripwire IP360™ managed service offerings, you can minimize the amount of time you spend addressing high...
Vulnerability & Risk Management
Datasheet

Tripwire IP360 Agent-Based Vulnerability Management

When should your security strategy include agent-based monitoring? It can be difficult to discern when and how to incorporate agents into your vulnerability management processes. There are several instances in which agent-based monitoring offers superior support and protection across your networks. But that doesn’t mean you need to opt for a 100 percent agent-based approach, either. There are...
Vulnerability & Risk Management
Datasheet

Tripwire ExpertOps

Many IT teams are facing challenging skills gaps or struggling with optimizing their cybersecurity software. It might be that your team is too small for their responsibilities, or that you’re finding it difficult to attract, train, and retain talent. Turnover is a common problem, with organizations and agencies often losing skilled individuals to new opportunities. Fortunately, strategically...
Cybersecurity Skills Gap
Managed Security Services