Resources

Getting started with Zero Trust: What you need to consider
Blog

Getting started with Zero Trust: What you need to consider

By David Bruce on Mon, 11/07/2022
Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which could...
Cybersecurity
Compliance
NIST
Security Configuration Management
What Does the Industry Want to Improve on NIST Cybersecurity Framework 2.0
Blog

What the industry wants to improve on NIST Cybersecurity Framework 2.0

By Anastasios Arampatzis on Mon, 10/24/2022
The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014 and updated it with CSF 1...
Compliance
NIST
Industrial Control Systems
Guide

How Finance Companies Bank on Tripwire ExpertOps

Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems. However, most breaches...
Compliance
PCI DSS
SOX
Guide

Sustaining SOX Compliance Through Automation Using COBIT Framework

Achieving compliance with the Sarbanes-Oxley Act (SOX) can be a monumental effort. Maintaining those controls and audit reporting on an ongoing basis can be even more difficult. The SEC recommends automated controls for more efficient and effective compliance results. This white paper details the SOX requirements that are best addressed by automated controls using the COBIT framework in two core...
Compliance
SOX
Guide

Tripwire 2020 Skills Gap Survey

The skills gap remains one of the biggest challenges within the cybersecurity industry. To gain more perspective on what organizations are experiencing, Tripwire partnered with Dimensional Research to survey 342 security professionals on this issue. This study explores hiring trends, how security teams are changing, and how they plan to address the issue in the face of growing cyber threats. ...
Managed Security Services
Guide

Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls

The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s security and compliance...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NIST
PCI DSS
Datasheet

Tripwire ExpertOps

Many IT teams are facing challenging skills gaps or struggling with optimizing their cybersecurity software. It might be that your team is too small for their responsibilities, or that you’re finding it difficult to attract, train, and retain talent. Turnover is a common problem, with organizations and agencies often losing skilled individuals to new opportunities. Fortunately, strategically...
Cybersecurity Skills Gap
Managed Security Services
Datasheet

Tripwire ExpertOps and SOX

The Sarbanes-Oxley Act (SOX) requires all publicly held companies to establish internal controls and procedures for financial reporting to reduce the possibility of corporate fraud. SOX is not specific on the types of controls that are required, but points to the COBIT framework to provide organizations’ guidance on their IT governance. The Challenge Change is ever occurring in your systems...
Compliance
SOX
Datasheet

Tripwire ExpertOps and HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) was enacted to safeguard Protected Health Information (PHI) by mandating procedures and controls to assure the public that critical and private information is controlled from loss of confidentiality, integrity or availability. With few exceptions, an organization is subject to HIPAA if it exchanges data related to the health care...
Compliance
HIPAA
Datasheet

Tripwire ExpertOps and NIST 800-171

Federal security managers expect that most federally run systems are actively engaging with FISMA compliance for protecting federal data and systems. However, as we all know, federal information does not remain only in federally operated systems. Data and IT systems connect via the Internet and other networks for business, operations and research. Information about citizens, banking and finance,...
Compliance
NIST
Datasheet

The Tripwire HIPAA Solution

The United States Health Insurance Portability and Accountability Act of 1996, or HIPAA, was enacted to safeguard Protected Health Information (PHI) by mandating procedures and controls to assure the public that critical and private information is controlled from loss of confidentiality, integrity or availability. With few exceptions, an organization is subject to HIPAA if it exchanges data...
Compliance
HIPAA
Datasheet

Tripwire Managed Services

Today’s IT and InfoSec Executives are challenged with an ever changing cybersecurity landscape. When combined with the proliferation of new sources of information every day, it can be increasing difficult to maintain and operate technology solutions that are designed protect the organization from risk. Many IT organizations are struggling to revise processes to establish governance practices, but...
Managed Security Services
Datasheet

Tripwire Resident Engineers

The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote...
Compliance
NERC CIP
NIST
PCI DSS
SOX
Datasheet

Tripwire Resident Engineers for Federal Agencies

The cybersecurity skills gap leaves Federal agencies without adequate staffing for the operation of their security tools. High turnover rates can also cause agencies to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote work...
Compliance
NERC CIP
NIST
Datasheet

Improving your Cybersecurity Posture with the NIST Cybersecurity Framework

There isn’t an industry that hasn’t been affected by cyber threats, and the broadcast industry is no exception. In April 2015, France’s TV5Monde was attacked, resulting in eleven of its channels going dark and its social media outlets commandeered to display pro-Islamic State messages. This was preceded by an attack on WBOC in Salisbury, Maryland, where their Twitter account and website were...
Compliance
NIST
Datasheet

Maintaining the Security and Integrity of Electronic Health Record Systems

The value of electronic health record (EHR) systems is immense. These digital records are designed to be available anytime and anywhere, connecting healthcare providers with patient data. EHRs are a central repository of patient medical histories, medications, diagnoses, immunization dates, allergies, lab results and radiology images. With access to this accurate patient information, providers can...
Compliance
HIPAA
NIST
Case Study

Tripwire and Astro Making Best Practices a Daily Show

Assessing and managing vulnerabilities is a core cybersecurity practice, but it can put a heavy strain on IT security and operations teams. In many cases, introducing vulnerability management as a service is what’s necessary to overcome the challenge of accumulating vulnerabilities across complex IT environments—especially when time and resources are limited. This was the case for one mid-size U...
Vulnerability & Risk Management
SaaS Security
Compliance
Managed Security Services
Press Release

Tripwire Eases Government Resource Constraints with New FedRAMP-Certified Managed Services Solution

Tripwire ExpertOps Federal reduces both the workload and complexity of managing an agency’s critical security controls. PORTLAND, Ore. – August 3, 2020 – Tripwire, Inc., a global cybersecurity solutions provider protecting the world’s leading organizations, today announced the launch of Tripwire® ExpertOps℠ Federal a FedRAMP-certified managed services solution that augments the resources needed...
Managed Vulnerability Management? Yes, You Read That Right
Blog

Managed Vulnerability Management? Yes, You Read That Right

By Editorial Staff on Tue, 04/16/2019
The importance of a mature vulnerability management program can’t be overstated. File integrity monitoring (FIM) and security configuration management (SCM) might be the bedrock of a strong cybersecurity program, but they can only go so far. Scanning for vulnerabilities needs to be a foundational part of your program, too. The Center for Internet...
Vulnerability & Risk Management
Managed Security Services