Resources

Guide
Guide

Cloud Article Anthology, vol. 1

Security leaders charged with reducing their organizations’ cloud attack surfaces have to stay continually up-to-date in a security landscape that changes in the blink of an eye. This anthology of insights from some of Tripwire’s leading cloud experts will help you understand how to prioritize and tackle your cloud security imperatives. Download your copy now to learn: Eight cloud security best...
Cloud Security
Datasheet
Datasheet

Tripwire ExpertOps and PCI

The Payment Card Industry Data Security Standard ( PCI DSS ) was created to help organizations that process credit card payments, secure the cardholder environment to prevent credit card fraud, cyber threats and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting and storing credit card data to minimize the theft...
Compliance
PCI DSS
Datasheet
Datasheet

Tripwire Cloud Deployment Services

Cloud computing has transformed business and government at an extraordinary pace by delivering business-supporting technology more efficiently than ever. The cloud has changed the way IT thinks about how to design and deliver computing technology applications and, according to Gartner, by 2015 10% of enterprise IT security will be delivered in the cloud. What if enterprises could improve IT...
Cloud Security
Datasheet
Datasheet

Tripwire Resident Engineers

The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote...
Compliance
NERC CIP
NIST
PCI DSS
SOX
Datasheet
Datasheet

Tripwire’s Solutions for Automated, Continuous PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, cyber threats, and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting, and storing credit card data to minimize the theft...
Compliance
PCI DSS
Datasheet
Datasheet

Cloud Data Security: Implementing Smarter Cloud Security

The trend of mass migration to the cloud brings benefits like lower operating costs, easier deployability, and the flexibility of an elastic environment. However, it’s crucial to understand that the responsibility to secure your cloud infrastructure still falls on your organization. Cloud providers allow organizations to take advantage of their infrastructure, resulting in a shared model for...
Cloud Security
Case Study
Case Study

Payment Processor for Businesses

As a recognized leader in the payment processing sector, this company offers its clients hundreds of secure payment methods across multiple platforms, around the globe. Onan average day it processes tens of millions of mobile, online and in-store transactions in 100+ currencies. After experiencing a security incident that was quickly contained, the company took the opportunity to revamp its entire...
Compliance
PCI DSS
VERT Threat Alert: September 2022 Patch Tuesday Analysis
Blog
Blog

VERT Threat Alert: August 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/09/2022
Today’s Patch Tuesday VERT Alert addresses Microsoft’s August 2022 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1015 on Wednesday, August 10th. In-The-Wild & Disclosed CVEs CVE-2022-34713 According to Microsoft, CVE-2022-34713 is a variant of the Dogwalk vulnerability . There has been a lot of Twitter discussion around this Dogwalk as...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022

By Andrew Swoboda on Mon, 08/08/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 1 st , 2022. I’ve also included some comments on these stories. Windows 11 Smart App Control blocks files used to push malware Smart App Control, a Windows 11...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022

By Andrew Swoboda on Mon, 08/01/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of July 25, 2022. I’ve also included some comments on these stories. SonicWall fixed critical SQLi in Analytics and GMS products Security company SonicWall addressed a...
Vulnerability & Risk Management
VERT Research
VERT Threat Alert: September 2022 Patch Tuesday Analysis
Blog
Blog

VERT Threat Alert: July 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/12/2022
Today’s VERT Alert addresses Microsoft’s July 2022 Security Updates . VERT is actively working on coverage for these Patch Tuesday vulnerabilities and expects to ship ASPL-1011 on Wednesday, July 13th. In-The-Wild & Disclosed CVEs CVE-2022-22047 Microsoft is reporting this month that a single vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) is the only one that has seen active...
Vulnerability & Risk Management
VERT Research
PCI 4.0: The wider meanings of the new Standard
Blog
Blog

PCI 4.0: The wider meanings of the new Standard

By David Bruce on Wed, 07/06/2022
The new PCI DSS Standard, version 4.0 , contains all the steps, best practices, and explanations required for full compliance. In fact, even an organization that does not process cardholder data could follow the PCI Standard to implement a robust cybersecurity program for any of its important data. In our series about how the new standard differs from the previous version, we examined some of the...
Compliance
PCI DSS
What you need to know about PCI 4.0: Requirements 10, 11 and 12
Blog
Blog

What you need to know about PCI 4.0: Requirements 10, 11 and 12

By David Bruce on Wed, 06/29/2022
As we continue our review of the 12 Requirements of PCI DSS version 4.0 , one has to stop and consider, is it possible to have a favorite section of a standard? After all, most guidance documents, as well as regulations are seen as tedious distractions from the importance of getting the job done. However, depending on a person’s position and function in an organization, it is possible to “geek out...
Compliance
PCI DSS
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022

By Andrew Swoboda on Mon, 06/27/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 20, 2022. I’ve also included some comments on these stories. Over a Dozen Flaws Found in Siemens' Industrial Network Management System Cybersecurity researchers have...
Vulnerability & Risk Management
VERT Research
What you need to know about PCI 4.0: Requirements 5, 6, 7, 8 and 9
Blog
Blog

What you need to know about PCI 4.0: Requirements 5, 6, 7, 8 and 9

By David Bruce on Wed, 06/22/2022
In Part 1 of this series , we reviewed the first four sections of the new PCI standards. As we continue our examination of PCI DSS version 4.0, we will consider what organizations will need to do in order to successfully transition and satisfy this update. Requirements 5 through 9 are organized under two categories: Maintain a Vulnerability Management Program Requirement 5: Protect All Systems and...
Compliance
PCI DSS
VERT Threat Alert: June 2022 Patch Tuesday Analysis
Blog
Blog

VERT Threat Alert: June 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/14/2022
Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th. In-The-Wild & Disclosed CVEs None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However, Microsoft did update last month’s security...
Vulnerability & Risk Management
VERT Research
What you need to know about PCI 4.0: Requirements 1, 2, 3 and 4.
Blog
Blog

What you need to know about PCI 4.0: Requirements 1, 2, 3 and 4.

By David Bruce on Tue, 06/14/2022
The Payment Card Industry Security Standards Council has released its first update to their Data Security Standard (PCI DSS) since 2018. The new standard, version 4.0, is set to generally go into effect by 2024, but there are suggested updates that are not going to be required until a year after that. This, of course, creates a couple of problems for those who want to phase in the new standard...
Compliance
PCI DSS
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022

By Andrew Swoboda on Mon, 06/13/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories. Another nation-state actor exploits Microsoft Follina to attack European and US entities A nation-state...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022
Blog
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022

By Andrew Swoboda on Mon, 06/06/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 30, 2022. I’ve also included some comments on these stories. Vendor Refuses to Remove Backdoor Account That Can Facilitate Attacks on Industrial Firms Korenix JetPort...
Vulnerability & Risk Management
VERT Research