Resources

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide...

Blog

A Scary Story of Group Policy Gone Wrong: Accidental Misconfigurations

By Chris Hudson on Mon, 10/30/2023

Image In the world of cybersecurity, insider threats remain a potent and often underestimated danger. These threats can emanate not only from malicious actors within an organization but also from well-intentioned employees who inadvertently compromise security with a mis-click or other unwitting action. Having spent many years in...

Blog

5 Tripwire Enterprise Misconfigurations to Avoid

By Jeff Hines on Tue, 10/24/2023

Image Configuration management is vitally important as part of a sound cybersecurity strategy. We have previously published how patching alone is not enough, as that does not alter a system’s customized configuration. Misconfigurations can be as damaging to security as a deliberate attack on a system. As the manufacturer of Tripwire...

On-Demand Webinar

Demystifying Vulnerability Management: Cutting Through the Noise

Wed, 10/18/2023

Vulnerability management (VM) is an essential cybersecurity control to discover, profile, and assess vulnerability risk so security teams can act quickly to close attack vectors. Over the years the lines have blurred a little regarding which cybersecurity practices fall under the VM classification. Watch this on-demand webinar to learn the...

Blog

What is a CMDB?

By Lane Thames on Tue, 10/17/2023

Image There are countless tools and technologies available to help an organization stay on top of its IT assets, and a configuration management database (CMDB) is an extremely useful one. The database keeps track of relevant information regarding various hardware and software components and the relationships between them. It allows...

Blog

VERT Threat Alert: October 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 10/10/2023

Image Today’s VERT Alert addresses Microsoft’s October 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1077 on Wednesday, October 11th. In-The-Wild & Disclosed CVEs CVE-2023-41763 While this vulnerability is...

Blog

Compliance vs. Security: Striking the Right Balance in Cybersecurity

By Jay Thakkar on Mon, 10/09/2023

Image Compliance and security often go hand in hand as ideas that attempt to protect against cyber threats. While both compliance and security are designed to lower risk, they are not mutually inclusive—that is, not everything that is required for compliance will necessarily help with security, and not everything that bolsters...

Blog

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

By Graham Cluley on Fri, 10/06/2023

Image A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many...

Blog

Tripwire Patch Priority Index for September 2023

By Lane Thames on Fri, 10/06/2023

Image Tripwire's September 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority are patches for Microsoft Edge (Chromium-based) that resolve 5 vulnerabilities such as out of bounds memory access, type confusion, and use after free. Next on the patch priority list this...

Blog

ICS Environments and Patch Management: What to Do If You Can’t Patch

By Anastasios Arampatzis on Mon, 10/02/2023

Image The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Known unpatched vulnerabilities are often exploited by criminals to penetrate Industrial Control Systems (ICS) environments and...

Blog

The Cost of Cybercrime in the US: Facts and Figures

By PJ Bradley on Wed, 09/27/2023

Image The importance of cybersecurity is no secret in our increasingly digital world. Even individuals who have no experience or expertise in tech or related fields are aware of the threat of hacking, phishing, and the like. It can be difficult, however, to actually quantify the risks of being targeted by these attacks. Keeping track...

Blog

Visibility: An Essential Component of Industrial Cyber Security

By Michael Betti on Tue, 09/26/2023

Image In July 2021, the White House established a voluntary initiative for industrial control systems (ICS) to promote cooperation between the critical infrastructure community and the federal government. The fundamental purpose of the initiative was “to defend the nation’s critical infrastructure community by encouraging and...

Blog

Increasing Your Business’ Cyber Maturity with Fortra

By Antonio Sanchez on Wed, 09/20/2023

Image When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of...

Blog

Guarding Against Fileless Malware: Types and Prevention

By Dilki Rathnayake on Thu, 09/14/2023

Image Fileless malware, true to its name, is malicious code that uses existing legitimate programs in a system for compromise. It operates directly in the Random Access Memory (RAM) without requiring any executable files in the hard drive. Differing from conventional malware, fileless attacks are stealthier in nature, falling under...

Blog

5 Reasons Why You Should Conduct Regular Cybersecurity Audits

By Chester Avey on Wed, 09/13/2023

Image Cyber threats are growing more sophisticated, covert, and frequent every day. This year alone has seen the likes of T-Mobile and PharMerica suffering serious security breaches. These incidents disrupted operations and threatened their bottom lines, not to mention the lingering aftereffects and negative brand perception in the...

Blog

VERT Threat Alert: September 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/12/2023

Image Today’s VERT Alert addresses Microsoft’s September 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1073 on Wednesday, September 13th. In-The-Wild & Disclosed CVEs CVE-2023-36761 Microsoft has indicated that...

Blog

10 Mistakes in Cybersecurity and How to Avoid Them

By Katrina Thompson on Mon, 09/11/2023

Image It's easy to rest on our laurels. Prevent a few breaches – or go long enough without one – and you start to feel invincible. While our efforts are certainly laudable, we can't get too comfortable. As defenders, we always need to be on the hunt for what we've missed and ways to do better. Here are ten common cybersecurity...

Blog

Tripwire Patch Priority Index for August 2023

By Lane Thames on Fri, 09/08/2023

Image Tripwire's August 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Excel, Visio, Teams, and Outlook. The patches resolve 10 issues including remote code execution, information disclosure, security feature...

Blog

What is ISO 27002:2022 Control 8.9? A Quick Look at the Essentials

By Taha Dharsi on Wed, 09/06/2023

Image The basic parameters that control how hardware, software, and even entire networks operate are configurations, whether they take the form of a single configuration file or a collection of connected configurations. For instance, the default properties a firewall uses to control traffic to and from a company's network, such as...

Blog

Working with a Reliable Partner for Cybersecurity Success

By Joe Pettit on Thu, 08/31/2023

Image Technology companies are often seen as revolving doors of constantly shifting personnel. Whether they are seeking a better work environment or chasing a higher paycheck, these staff changes can hurt an organization’s progress. Worse yet, the customers are often negatively impacted by these changes in the continuity of...

10 Common Security Misconfigurations and How to Fix Them

A Scary Story of Group Policy Gone Wrong: Accidental Misconfigurations

5 Tripwire Enterprise Misconfigurations to Avoid

Demystifying Vulnerability Management: Cutting Through the Noise

What is a CMDB?

VERT Threat Alert: October 2023 Patch Tuesday Analysis

Compliance vs. Security: Striking the Right Balance in Cybersecurity

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

Tripwire Patch Priority Index for September 2023

ICS Environments and Patch Management: What to Do If You Can’t Patch

The Cost of Cybercrime in the US: Facts and Figures

Visibility: An Essential Component of Industrial Cyber Security

Increasing Your Business’ Cyber Maturity with Fortra

Guarding Against Fileless Malware: Types and Prevention

5 Reasons Why You Should Conduct Regular Cybersecurity Audits

VERT Threat Alert: September 2023 Patch Tuesday Analysis

10 Mistakes in Cybersecurity and How to Avoid Them

Tripwire Patch Priority Index for August 2023

What is ISO 27002:2022 Control 8.9? A Quick Look at the Essentials

Working with a Reliable Partner for Cybersecurity Success

Contact Information

Privacy Policy

Cookie Policy

Impressum