Blog
Managed Cybersecurity Services Secure Modern Environments
By Troy Thompson on Mon, 03/25/2024
In an era characterized by relentless digital transformation and interconnectedness, cybersecurity has evolved into a complex and dynamic battleground. Businesses, governments, and individuals find themselves locked in a perpetual struggle against a relentless flood of evolving threats. From sophisticated cybercriminal syndicates to state-sponsored hackers and opportunistic threat actors, our...
Datasheet
What Makes Fortra’s Tripwire Different
Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a profusion of vendors...
Blog
Resolving Top Security Misconfigurations: What you need to know
By Jeff Moline on Mon, 01/22/2024
One of the most common factors that can lead to cybersecurity incidents is a security misconfiguration in software or application settings. The default settings that come with the implementation of these tools and solutions are often not configured securely, and many organizations do not invest the time and resources into ensuring that they are. Several regulatory organizations have established...
Blog
NIST CSF 2.0: What you need to know
By Antonio Sanchez on Mon, 12/11/2023
Organizations looking to protect their sensitive data and assets against cyberattacks may lack the ability to build a cybersecurity strategy without any structured help. The National Institute of Standards and Technology ( NIST ) has a free, public framework to help any organization mature its IT security posture. Recently, the institute published an updated version of the cybersecurity framework...
Blog
How MSSPs Help with Cybersecurity Compliance
By Zack Jessee on Wed, 10/04/2023
While always a part of business, compliance demands have skyrocketed as the digital world gives us so many more ways to go awry. We all remember the Enron scandal that precipitated the Sarbanes-Oxley Act (SOX). Now, SOX compliance means being above board on a number of cybersecurity requirements as well. Fortra's Tripwire recently released a new guide: How Managed Services Can Help with...
Blog
Closing Integrity Gaps with NIST CSF
By Lane Thames on Wed, 09/27/2023
The then-new 2014 NIST Cybersecurity Framework (CSF) was designed to plug security gaps in operational technology. It’s still in use today and more relevant than ever. Fortra’s whitepaper provides a cohesive review of this security staple and how to glean the best out of it for your strategy. A Brief History of NIST CSF “The full maximum NIST Cybersecurity Framework is about as big an umbrella as...
Blog
Increasing Your Business’ Cyber Maturity with Fortra
By Antonio Sanchez on Wed, 09/20/2023
When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of the sheer size of the security portfolio. It’s one thing to advocate for...
Datasheet
Tripwire Services Comparison Matrix
Not all organizations have the internal resources necessary to manage their cybersecurity and compliance solutions in-house. This may seem like a roadblock to those who see the greater potential of their solutions and want to do more to reach their goals but cannot expand their technical teams due to the high demand for qualified candidates or budgetary limitations. However, the services available...
Blog
Working with a Reliable Partner for Cybersecurity Success
By Joe Pettit on Thu, 08/31/2023
Technology companies are often seen as revolving doors of constantly shifting personnel. Whether they are seeking a better work environment or chasing a higher paycheck, these staff changes can hurt an organization’s progress. Worse yet, the customers are often negatively impacted by these changes in the continuity of established relationships. At Fortra, we're proud to have a higher average...
On-Demand Webinar
Expert Compliance Automation Tips for Financial Services
Thu, 08/17/2023
Cybersecurity compliance standards like the Payment Card Industry Data Security Standard (PCI DSS) and Society for Worldwide Interbank Financial Telecommunications (SWIFT) do an excellent job of hardening systems against breaches. This is especially important in the financial services sector, a common target for cybercriminals. This on-demand webinar presented by Senior Solutions Engineer Dan...
Guide
How Managed Services Can Help With Cybersecurity Compliance
Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
On-Demand Webinar
ATT&CKing the Center for Internet Security
Thu, 06/01/2023
From the Critical Security Controls to the Community Defense Model, CIS has provided plenty of mappings that show how knowledge from MITRE ATT&CK can be integrated with their offerings. Last year, CIS went a step further, integrating mappings from MITRE ATT&CK into their Benchmarks. This provides a wealth of information to defenders, but too much information can sometimes lead to information...
Blog
The State of the US National Cybersecurity Strategy for the Electric Grid
By Anastasios Arampatzis on Wed, 02/01/2023
The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks , in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not fully understood. Reports by the Government Accountability Office (GAO)...
Blog
Getting started with Zero Trust: What you need to consider
By David Bruce on Mon, 11/07/2022
Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which could have cost them hundreds of their own currency...
Blog
What the industry wants to improve on NIST Cybersecurity Framework 2.0
By Anastasios Arampatzis on Mon, 10/24/2022
The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014 and updated it with CSF 1.1 in April 2018 . The National Institute of...
Blog
Shifting Left with SAST, DAST, and SCA: Advanced Best Practices
By Tripwire Guest Authors on Thu, 10/20/2022
In the past, teams incorporated security testing far after the development stage of the Software Development Lifecycle (SDLC) . Security testing would influence whether the application would to proceed to production, or get passed back to the developers for remediation. This process caused delays while teams worked on remediation or, worse yet, it increased security risks when teams released...
Guide
Tripwire 2020 Skills Gap Survey
The skills gap remains one of the biggest challenges within the cybersecurity industry. To gain more perspective on what organizations are experiencing, Tripwire partnered with Dimensional Research to survey 342 security professionals on this issue. This study explores hiring trends, how security teams are changing, and how they plan to address the issue in the face of growing cyber threats.
Guide
Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls
The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s security and compliance...
Guide
The Executive's Guide to the CIS Controls
See how simple and effective security controls can create a framework that helps you protect your organization and data from known cyber attack vectors. This publication was designed to assist executives by providing guidance for implementing broad baseline technical controls that are required to ensure a robust network security posture. In this guide, we will cover a wide range of topics...