Resources
Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NERC CIP
NIST
PCI DSS
SOX
What (Still) Needs to be Done to Secure the U.S. Power Grid in 2023?
Blog

What (Still) Needs to be Done to Secure the U.S. Power Grid in 2023?

By Tripwire Guest Authors on Tue, 06/27/2023
It’s no secret that the U.S. power grid is one of the main foundations of the nation’s economy, infrastructure, and daily way of life. Now that almost everything is digitized, it is hinging on it even more. We wouldn’t be able to use even most vending machines (not to mention cell towers or the internet) without a working electrical supply, and the...
Cybersecurity
Industrial Control Systems
A Sarbanes-Oxley Act (SOX) IT Compliance Primer
Blog

A Sarbanes-Oxley Act (SOX) IT Compliance Primer

By Anthony Israel-Davis on Mon, 06/26/2023
At the turn of the most recent century, the financial world was in a moment of unregulated growth, which lead to some serious corporate misdeeds in the United States. This presented the opportunity for two senators to enact a new law to ensure accurate and reliable financial reporting for public companies in the US. The result was the Sarbanes-Oxley...
Compliance
Security Configuration Management
Tripwire VERT
Blog

VERT Threat Alert: June 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/13/2023
Today’s VERT Alert addresses Microsoft’s June 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1060 on Wednesday, June 14th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs in the June Patch Tuesday drop. CVE Breakdown...
Vulnerability & Risk Management
VERT Research
The Future of Driverless Cars: Technology, Security and AI
Blog

The Future of Driverless Cars: Technology, Security and AI

By Bob Covello on Mon, 06/05/2023
Back in 2015, we published an article about the apparent perils of driverless cars. At that time, the newness and novelty of sitting back and allowing a car to drive you to your destination created a source of criminal fascination for some, and a nightmare for others. It has been eight years since the original article was published, so perhaps it is...
Vulnerability & Risk Management
Cybersecurity
Industrial Control Systems
Guide

PCI DSS Resource Toolkit

PCI DSS Resources for Seamless Compliance The Payment Card Industry Data Security Standard (PCI DSS) is one of the most widely applied regulatory compliance standards, meaning thousands of organizations can benefit from streamlining their compliance programs to avoid audit fines and protect cardholder data. Fortra’s Tripwire is an authority on how to achieve continuous, automated compliance and...
Compliance
PCI DSS
Guide

Insider Insights for the PCI DSS 4.0 Transition

Is your organization ready for the new PCI DSS 4.0 Standard? If you’re already compliant with the most recent version of the Payment Card Industry Data Security Standard (PCI DSS), you’ve probably already begun transitioning to version 4.0 ahead of the upcoming deadline. To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic implementation advice from...
Compliance
PCI DSS
Tripwire VERT
Blog

VERT Threat Alert: May 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/09/2023
Today’s VERT Alert addresses Microsoft’s May 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1055 on Wednesday, May 10th. In-The-Wild & Disclosed CVEs CVE-2023-29336 Up first this month is a vulnerability reported by Avast in Win32k. This...
Vulnerability & Risk Management
VERT Research
Allowlisting and Blocklisting: What you need to know
Blog

Allowlisting and Blocklisting: What you need to know

By Tripwire Guest Authors on Tue, 05/02/2023
The phone rings, displaying "Potential Spam," warning of the possible downfall of accepting the call. We also have the option to set specific ringtones for the special people in our lives, so we audibly know immediately who’s calling. For other callers, like the once-a-year important call from our insurance or investment rep, we'll at least add...
Cybersecurity
Security Configuration Management
Guide

Getting in Control of Financial Services Cybersecurity Regulations

Organizations in the financial sector are all too aware that their industry continues to be one of the top targets for cyber criminals. Among financial services and insurance organizations, the leading cause of breaches is system intrusion. That’s why so many cybersecurity compliance regulations have sprung up to ensure systems are kept hardened against attack. This guide will cover the main...
Compliance
GDPR
PCI DSS
SOX
Datasheet

Tripwire NERC CIP Report Catalog

Fortra’s Tripwire NERC CIP Solution Suite is an advanced offering that augments Tripwire’s tools for meeting 23 of NERC CIP’s 44 requirements. The Tripwire NERC CIP Solution Suite allows you to achieve and maintain NERC CIP compliance with high efficacy and reduced effort. This suite includes continuous monitoring of cyber assets, automated assessment of security, and audit-ready evidence with...
Industrial Control Systems
What Is Microsegmentation and 5 Compelling Security Use Cases
Blog

What Is Microsegmentation and 5 Compelling Security Use Cases

By Tripwire Guest Authors on Mon, 04/17/2023
What Is Microsegmentation? Microsegmentation is a security technique that partitions a network into small, isolated sections to reduce the attack surface and reduce an organizations risk. Each microsegment is typically defined by specific security policies, accessible only to authorized users and devices. Microsegmentation is often seen as a more...
Cybersecurity
Security Configuration Management
On-Demand Webinar

Insights for Navigating PCI-DSS 4.0 Milestones

With the PCI-DSS 4.0 implementation deadline looming just around the corner in 2024, financial companies have no time to waste when it comes to reaching key compliance milestones. Watch this on-demand webinar presented by Fortra’s Tripwire and BankInfoSecurity.com designed to help you get—and stay—on track for PCI 4.0 compliance. Hear from industry experts on preparing for PCI 4.0 using a simple...
Compliance
PCI DSS
Tripwire VERT
Blog

VERT Threat Alert: April 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 04/11/2023
Today’s VERT Alert addresses Microsoft’s April 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1050 on Wednesday, April 12th. In-The-Wild & Disclosed CVEs CVE-2023-28252 A vulnerability in the Common Log File System (CLFS) Driver has been exploited in-the-wild. CLFS provides a...
Vulnerability & Risk Management
VERT Research
Distributed Energy Resources and Grid Security
Blog

Distributed Energy Resources and Grid Security

By Tripwire Guest Authors on Tue, 04/04/2023
As the United States government, the energy industry, and individual consumers work toward cleaner and more sustainable energy solutions, it is crucial to consider how new and advancing technologies affect, and are affected by, cybersecurity concerns. ­­­­Increasing use of smart energy devices can be useful for consumers to have more control over...
Cybersecurity
Industrial Control Systems
Guide

PCI DSS 4.0 Compliance

Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements as the implementation...
Compliance
PCI DSS
A-Look-at-The-2023-Global-Automotive-Cybersecurity-Report
Blog

A Look at The 2023 Global Automotive Cybersecurity Report

By Tripwire Guest Authors on Mon, 03/20/2023
From its inception, the automotive industry has been shaped by innovation and disruption. In recent years, these transformations have taken shape in rapid digitization, ever-growing Electric Vehicle (EV) infrastructure, and advanced connectivity. These shifts have redirected the automotive industry, meeting and surpassing customer expectations for...
Cybersecurity
Industrial Control Systems
How-Retiring-Gas-and-Coal-Plants-Affects-Grid-Stability
Blog

How Retiring Gas and Coal Plants Affects Grid Stability

By Katrina Thompson on Thu, 03/16/2023
Legacy gas and coal plants are being aged out – and no one wants to pay enough to keep them going. With increased pressure from green energy laws and added competition from renewable sources, these monsters of Old Power are being shown the door. Considering they've predated and precipitated all Industrial Revolutions (except for this last one – that...
Vulnerability & Risk Management
Industrial Control Systems
Tripwire VERT Security Update
Blog

VERT Threat Alert: March 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/14/2023
Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th. In-The-Wild & Disclosed CVEs CVE-2023-24880 Up first this month is a publicly disclosed and exploited vulnerability impacting Windows SmartScreen. SmartScreen...
Vulnerability & Risk Management
VERT Research
Tripwire VERT
Blog

VERT Threat Alert: February 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/14/2023
Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in Windows Graphic Component...
Vulnerability & Risk Management
VERT Research