Resources

Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: July 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/11/2023
Image Today’s VERT Alert addresses Microsoft’s July 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1064 on Wednesday, July 12th. In-The-Wild & Disclosed CVEs CVE-2023-32046 A vulnerability in MSHTML could allow an attacker to...
Vulnerability & Risk Management
VERT Research
Guide
Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. ...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NERC CIP
NIST
PCI DSS
SOX
Tripwire VERT
Blog
Blog

VERT Threat Alert: June 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/13/2023
Image Today’s VERT Alert addresses Microsoft’s June 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1060 on Wednesday, June 14th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs in the June Patch Tuesday...
Vulnerability & Risk Management
VERT Research
On-Demand Webinar
On-Demand Webinar

ATT&CKing the Center for Internet Security

Thu, 06/01/2023
From the Critical Security Controls to the Community Defense Model, CIS has provided plenty of mappings that show how knowledge from MITRE ATT&CK can be integrated with their offerings. Last year, CIS went a step further, integrating mappings from MITRE ATT&CK into their Benchmarks. This provides a wealth of information to defenders, but too much information can sometimes lead...
Compliance
CIS Controls
Tripwire VERT
Blog
Blog

VERT Threat Alert: May 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/09/2023
Image Today’s VERT Alert addresses Microsoft’s May 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1055 on Wednesday, May 10th. In-The-Wild & Disclosed CVEs CVE-2023-29336 Up first this month is a vulnerability reported by Avast...
Vulnerability & Risk Management
VERT Research
Tripwire VERT
Blog
Blog

VERT Threat Alert: April 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 04/11/2023
Image   Today’s VERT Alert addresses Microsoft’s April 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1050 on Wednesday, April 12th. In-The-Wild & Disclosed CVEs CVE-2023-28252 A vulnerability in the Common Log File System (CLFS) Driver has been exploited in-the-wild....
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: March 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/14/2023
Image Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th. In-The-Wild & Disclosed CVEs CVE-2023-24880 Up first this month is a publicly disclosed and exploited vulnerability impacting Windows...
Vulnerability & Risk Management
VERT Research
Tripwire VERT
Blog
Blog

VERT Threat Alert: February 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/14/2023
Image Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: January 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/10/2023
Image Today’s VERT Alert addresses Microsoft’s January 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1037 on Wednesday, January 11th.  In-The-Wild & Disclosed CVEs CVE-2023-21549 A vulnerability in the SMB Witness Service was reported by two Akamai researchers, Stiv...
Vulnerability & Risk Management
VERT Research
Patch Tuesday Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: December 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 12/13/2022
Image Today’s VERT Alert addresses Microsoft’s December 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1034 on Wednesday, December 14th. In-The-Wild & Disclosed CVEs CVE-2022-44698 This vulnerability allows a malicious individual to bypass SmartScreen, which does a...
Vulnerability & Risk Management
VERT Research
Patch Tuesday Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: November 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 11/08/2022
Image Today’s VERT Alert addresses Microsoft’s November 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1029 on Wednesday, November 9th. In-The-Wild & Disclosed CVEs CVE-2022-41091 This vulnerability allows a malicious individual to bypass Mark of the Web. Mark of the...
Vulnerability & Risk Management
VERT Research
Top trends in Application Security in 2022
Blog
Blog

Shifting Left with SAST, DAST, and SCA: Advanced Best Practices

By Tripwire Guest Authors on Thu, 10/20/2022
Image In the past, teams incorporated security testing far after the development stage of the Software Development Lifecycle (SDLC). Security testing would influence whether the application would to proceed to production, or get passed back to the developers for remediation. This process caused delays while teams worked on...
Cybersecurity
Compliance
CIS Controls
VERT Threat Alert: September 2022 Patch Tuesday Analysis
Blog
Blog

VERT Threat Alert: September 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/13/2022
Image Today’s VERT Alert addresses Microsoft’s September 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1021 on Wednesday, September 14th. In-The-Wild & Disclosed CVEs CVE-2022-23960 The first disclosed vulnerability this month is Spectre-BHB that is discussed in great...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022

By Andrew Swoboda on Mon, 09/12/2022
Image All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 5th, 2022. I’ve also included some comments on these stories. Critical RCE Vulnerability...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022

By Andrew Swoboda on Mon, 09/05/2022
Image All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 29th, 2022. I’ve also included some comments on these stories. WordPress 6.0.2 Patches...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022

By Andrew Swoboda on Mon, 08/29/2022
Image All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 22nd, 2022, including some commentary of mine. VMware fixed a privilege escalation issue in...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

By Andrew Swoboda on Mon, 08/22/2022
Image All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 15th, 2022. I’ve also included some comments on these stories. Newly Uncovered PyPI Package...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022

By Andrew Swoboda on Tue, 08/16/2022
Image All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 8st, 2022. I’ve also included some comments on these stories. Slack leaked hashed passwords...
Vulnerability & Risk Management
VERT Research
Guide
Guide

Tripwire 2020 Skills Gap Survey

The skills gap remains one of the biggest challenges within the cybersecurity industry. To gain more perspective on what organizations are experiencing, Tripwire partnered with Dimensional Research to survey 342 security professionals on this issue. This study explores hiring trends, how security teams are changing, and how they plan to address the issue in the face of growing...
Managed Security Services
Guide
Guide

Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls

The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NIST
PCI DSS