Resources

Tripwire VERT Security Update
Blog

VERT Threat Alert: October 2022 Patch Tuesday Analysis

By Tyler Reguly on Wed, 10/12/2022
Today’s VERT Alert addresses Microsoft’s October 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1025 on Wednesday, October 12th. In-The-Wild & Disclosed CVEs CVE-2022-41033 A vulnerability in the Windows COM+ Event System service could allow malicious individuals to obtain SYSTEM level...
Vulnerability & Risk Management
Guide

Beyond the Basics: Tripwire Enterprise Use Cases

Security, compliance, and IT operations leaders need a powerful and effective way to accurately identify security misconfigurations and indicators of compromise. Explore the many ways Tripwire Enterprise can protect your organization with superior security and continuous compliance.
Compliance
File Integrity & Change Monitoring
Security Configuration Management
VERT Threat Alert: September 2022 Patch Tuesday Analysis
Blog

VERT Threat Alert: September 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/13/2022
Today’s VERT Alert addresses Microsoft’s September 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1021 on Wednesday, September 14th. In-The-Wild & Disclosed CVEs CVE-2022-23960 The first disclosed vulnerability this month is Spectre-BHB that is discussed in great detail on arm Developer....
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022

By Andrew Swoboda on Mon, 09/12/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 5th, 2022. I’ve also included some comments on these stories. Critical RCE Vulnerability Affects Zyxel NAS Devices —...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022

By Andrew Swoboda on Mon, 09/05/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 29th, 2022. I’ve also included some comments on these stories. WordPress 6.0.2 Patches Vulnerability That Could Impact...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022

By Andrew Swoboda on Mon, 08/29/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 22nd, 2022, including some commentary of mine. VMware fixed a privilege escalation issue in VMware Tools VMware this...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

By Andrew Swoboda on Mon, 08/22/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 15th, 2022. I’ve also included some comments on these stories. Newly Uncovered PyPI Package Drops Fileless Cryptominer...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022

By Andrew Swoboda on Tue, 08/16/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 8st, 2022. I’ve also included some comments on these stories. Slack leaked hashed passwords from its servers for years ...
Vulnerability & Risk Management
VERT Research
Guide

Why Integrity Should Be Your Organizing Cybersecurity Principle

While integrity has been a common word in the cybersecurity lexicon for years, its meaning and use have been relatively limited. It may be time to reconsider its central role in security. The reality of always-connected networks, fluid data transfers across cloud and hybrid environments, and broadly deployed endpoints presents an opportunity to take a fresh look at integrity as an organizing...
File Integrity & Change Monitoring
Guide

Verizon 2021 DBIR Response Checklist

The Verizon 2021 Data Breach Investigations Report (DBIR), which takes a deep dive into data-driven findings on the state of global cybersecurity across a number of industries, including manufacturing, healthcare, financial and public administration. This year’s report revealed trends behind 79,635 cybersecurity incidents and 5,258 confirmed data breaches across 88 countries. To help security...
Vulnerability & Risk Management
Guide

Vulnerability Management Buyer's Guide

Most organizations understand the critical role that vulnerability management (VM) plays in helping them meet compliance requirements, ensure security and reduce risk. However, many organizations discover, only after investing in a solution, that it doesn’t properly address their needs. Avoiding this costly mistake can be difficult though, because at first glance many VM solutions appear similar. ...
Vulnerability & Risk Management
Guide

Climbing Vulnerability Management Mountain

Building your organization’s vulnerability management program is a daunting yet rewarding journey, similar to climbing a mountain. Doing this takes time, planning and hard work, but will be worth it when you get to the top. To help you take on this challenge, Tripwire has outlined the five maturity levels you will use as your guide when building your program. Learn about how you can minimize risk...
Vulnerability & Risk Management
Guide

Tripwire State of Cyber Hygiene Report

Tripwire’s State of Cyber Hygiene report reveals the results of an extensive cybersecurity survey conducted in partnership with Dimensional Research. The survey examined if and how organizations are implementing security controls that the Center for Internet Security (CIS) refers to as "Cyber Hygiene." Real-world breaches and security incidents prove over and over again that many of the most...
Security Configuration Management
Vulnerability & Risk Management
Guide

Threat Prevention is Foundational

How proper foundational controls help block today’s advanced threats
Cybersecurity
File Integrity & Change Monitoring
Security Configuration Management
Guide

Five Critical Steps of a Complete Security Risk and Compliance Lifecycle

Maintaining security and compliance in today’s ever changing environment is a never ending task.  To manage that task, the most successful companies adopt a systematic approach that promotes continuous improvement. Tripwire is a leading provider of enterprise-class foundational controls for security, compliance and IT operations.  Tripwire worked with its most successful customers to understand...
Vulnerability & Risk Management
Compliance
Guide

Governance, Risk, and Compliance

Governance, Risk & Compliance, or Generating Real Capability! How do we use GRC as a business enabler, and focus on the benefits it brings?
Vulnerability & Risk Management
Compliance
Guide

5 File Integrity Monitoring (FIM) Myths and Misconceptions

File integrity monitoring (FIM) is the cybersecurity process that monitors and detects changes in your environment to alert you to threats and helps you remediate them. While monitoring environments for change sounds simple enough, there are plenty of misconceptions about how exactly FIM fits into a successful cybersecurity program. It’s essential to address those common myths now so that...
File Integrity & Change Monitoring