-
Tyler Reguly
Guide
What Experts Have to Say About Choosing the Right Cybersecurity Frameworks
Frameworks like the Center for Internet Security (CIS) Controls, MITRE ATT&CK and the National Institute of Standards and Technology (NIST) Cybersecurity Framework give organizations clear, step-by-step methodologies for protecting their sensitive data, leveraging a wealth of industry knowledge to take the guesswork out of your security program.
While these cybersecurity...
Blog
Resolving Top Security Misconfigurations: What you need to know
By Jeff Moline on Mon, 01/22/2024
Image
One of the most common factors that can lead to cybersecurity incidents is a security misconfiguration in software or application settings. The default settings that come with the implementation of these tools and solutions are often not configured securely, and many organizations do not invest the time and resources into...
Blog
An Introduction to AWS Security
By Gilad David Maayan on Fri, 01/12/2024
Image
Cloud providers are becoming a core part of IT infrastructure. Amazon Web Services (AWS), the world's biggest cloud provider, is used by millions of organizations worldwide and is commonly used to run sensitive and mission-critical workloads. This makes it critical for IT and security professionals to understand the basics of...
Blog
Cloud Security Optimization: A Process for Continuous Improvement
By Gilad David Maayan on Thu, 12/28/2023
Image
Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage to network capabilities. The cloud optimization...
Blog
The 2023 ISC2 Cybersecurity Workforce Study Delves into Cloud Security and AI
By Katrina Thompson on Mon, 12/11/2023
Image
The security industry is at a critical juncture. Capturing the state of affairs is a recent report released by the International Information System Security Certification Consortium, or ISC2.
“A perfect storm”
As they state in their Executive Summary, “Our study shows that a perfect storm of economic uncertainty, rapidly...
Blog
The Six Pillars of Cybersecurity
By Gary Hibberd on Thu, 11/16/2023
Image
Winter is coming
In the ever-evolving landscape of cloud computing, ensuring robust security measures has never been more important. In the new ISO 27001:2022 standard, there is a new requirement for organisations to establish control of their Cloud services, which includes every flavor of cloud from Software as a Service (SaaS...
Blog
Cloud Watching Report: Key Takeaways
By Anirudh Chand on Mon, 11/13/2023
Image
The capabilities of cloud computing have changed the digital landscape significantly, and the popularity of cloud solutions only continues to increase. According to Gartner, the market for public cloud services is expected to surpass 700 billion USD by the end of 2024. The growth of cloud technologies presents a wealth of new...
Guide
How Managed Services Can Help With Cybersecurity Compliance
Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance.
...
Blog
Shifting Left with SAST, DAST, and SCA: Advanced Best Practices
By Tripwire Guest Authors on Thu, 10/20/2022
Image
In the past, teams incorporated security testing far after the development stage of the Software Development Lifecycle (SDLC). Security testing would influence whether the application would to proceed to production, or get passed back to the developers for remediation.
This process caused delays while teams worked on...
Guide
Multi-Cloud Security Best Practice Guide
When you opt to use multiple cloud providers, you’re implementing a multi-cloud strategy. This practice is increasingly common, and can refer to mixing SaaS (software as a service) and PaaS (platform as a service) offerings as well as public cloud environments that fall under the IaaS (infrastructure as a service) category. The most common public cloud environments today are...
Guide
Six Security Controls to Prevent Your Cloud from Getting Hacked
There’s a common misconception that cloud providers handle cybersecurity for you. The truth is, cloud providers use a “shared responsibility model”. They protect underlying Cloud infrastructure, but leave protection of Cloud-deployed assets and data up to you.
To help meet this need, the Center for Internet Security (CIS) has created the CIS Amazon Web Services Foundations...
Guide
Survey: Securing Public Cloud Infrastructure
Do you have a centralized view of your organization’s security posture and policy compliance across all cloud accounts? A Tripwire and Dimensional Research survey conducted in 2021 found that only 21 percent of security professionals could answer “yes.”
The survey included more than 300 cybersecurity professionals who are directly responsible for the security of public cloud...
Guide
Securing AWS Cloud Management Configurations
Amazon has captured nearly half of the cloud market making it a prime target for attacks. When AWS accounts are compromised, the go-to payload is often cryptocurrency mining where attackers make money using stolen CPU cycles that get billed to the victim's account.
Fortunately, there is guidance from the Center for Internet Security (CIS). In 2016, CIS launched the Amazon Web...
Guide
Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls
The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s...
Guide
Implementing Cloud Security Best Practices
Cybersecurity professionals the world over share common cloud security concerns like risk management, configuration security, and cloud compliance. As organizations expand further into the cloud, there continues to be an influx of simple mistakes that can expose organizations to significant security, privacy, and regulatory risks.
Tripwire partnered with Dimensional Research...
Guide
Solid Foundations for Cloud Security: Houses Built on Sand or Rock
Moving mission critical applications to the cloud provides a whole host of benefits but it also means trusting cloud providers with key aspects of security and compliance.
This paper provides tools you can use to evaluate the security and compliance offerings of cloud computing partners. It also describes how Tripwire’s solutions can be used to build and deploy a rock-solid...
Guide
The Executive's Guide to the CIS Controls
See how simple and effective security controls can create a framework that helps you protect your organization and data from known cyber attack vectors.
This publication was designed to assist executives by providing guidance for implementing broad baseline technical controls that are required to ensure a robust network security posture. In this guide, we will cover a wide...
Guide
Executing an Efficient Cloud Security Strategy
How do organizations execute an efficient cloud security strategy and find the right cloud security tools? Tripwire asked a range of cloud security experts to share their thoughts on some of the key challenges regarding secure cloud storage and cloud computing security.
Guide
18 Expert Tips for Effective and Secure Cloud Migration
Organizations are increasingly migrating to the cloud to process their IT resources. Gartner predicts that cloud data centers will process 92 percent of workloads by 20201, while Cisco forecasts cloud workloads to increase 3.2x in that span of time2.
Under the Shared Responsibility Model, migrating organizations need to ensure security in the cloud by taking adequate measures...