Resources

Blog

Do you Work in a SOC Noise Factory?

By Anthony Israel-Davis on Mon, 05/22/2023

Image Gabrielle is a security engineer. She deploys tools to scan for threats and vulnerabilities, read logs, and manage the security risks for her company, but is all that data really helping? Sometimes, it seems like she works in a noise factory instead of a SOC. The cacophony of all the log and event data and vulnerability scans...

Blog

Beyond the firewall: How social engineers use psychology to compromise organizational cybersecurity

By Tripwire Guest Authors on Mon, 05/15/2023

Image A Social engineering attack is the process of exploiting weaknesses in human psychology to manipulate and persuade others to perform in a way that is harmful. Prior to the digital age, criminals would carry out these attacks in person, in what was known as a confidence game. The perpetrators were referred to a “con men”,...

Guide

Insider Insights for the PCI DSS 4.0 Transition

Is your organization ready for the new PCI DSS 4.0 Standard? If you’re already compliant with the most recent version of the Payment Card Industry Data Security Standard (PCI DSS), you’ve probably already begun transitioning to version 4.0 ahead of the upcoming deadline. To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic...

Blog

Root Cause Analysis for Deployment Failures

By Chris Hudson on Tue, 04/25/2023

Image Root Cause Analysis (RCA) is a technique used to identify the underlying reasons for a problem, with the aim of trying to prevent it from recurring in the future. It is often used in change management processes to help identify the source of any issues that arise following any modifications to a system or process. RCA is...

Guide

Getting in Control of Financial Services Cybersecurity Regulations

Organizations in the financial sector are all too aware that their industry continues to be one of the top targets for cyber criminals. Among financial services and insurance organizations, the leading cause of breaches is system intrusion. That’s why so many cybersecurity compliance regulations have sprung up to ensure systems are kept hardened against attack. This guide will...

Blog

A Day in the Life of a SOC Team

By Fortra Staff on Tue, 04/18/2023

Image This piece was originally published on Fortra’s AlertLogic.com Blog. Managed detection and response (MDR) would be nothing without a SOC (security operations center). They’re on the frontline of our clients’ defenses — a living, breathing layer of intelligence and protection to complement our automated cybersecurity features....

On-Demand Webinar

Insights for Navigating PCI-DSS 4.0 Milestones

With the PCI-DSS 4.0 implementation deadline looming just around the corner in 2024, financial companies have no time to waste when it comes to reaching key compliance milestones. Watch this on-demand webinar presented by Fortra’s Tripwire and BankInfoSecurity.com designed to help you get—and stay—on track for PCI 4.0 compliance. Hear from industry experts on preparing for PCI...

Blog

CISA Publishes Advisory on Improving Network Monitoring and Hardening

By Anastasios Arampatzis on Wed, 04/12/2023

Image CISA released in late February a cybersecurity advisory on the key findings from a recent Cybersecurity and Infrastructure Security Agency (CISA) red team assessment to provide organizations recommendations for improving their cyber posture. According to the Agency, the necessary actions to harden their environments include...

Blog

30 Ransomware Prevention Tips

By Tripwire Guest Authors on Tue, 04/11/2023

Image Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. Ransomware also continues to evolve as a threat category within the past year, with old names like REvil rearing their heads and new players like Black Basta emerging...

Guide

PCI DSS 4.0 Compliance

Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements...

Blog

The State of the US National Cybersecurity Strategy for the Electric Grid

By Anastasios Arampatzis on Wed, 02/01/2023

Image The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not...

Blog

Healthcare Supply Chain Attacks Raise Cyber Security Alarm

Wed, 01/11/2023

Image The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target the healthcare industry, cybersecurity experts and healthcare administrators should be aware...

Blog

How to deal with cyberattacks this holiday season

By Tripwire Guest Authors on Thu, 12/15/2022

Image The holiday season has arrived, and cyberattacks are expected to increase with the upcoming celebratory events. According to The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) 2022 Holiday Season Threat Trends and summary report, ransomware and phishing attacks are expected to increase in retail. With the...

Blog

Getting started with Zero Trust: What you need to consider

By David Bruce on Mon, 11/07/2022

Image Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by...

Blog

Privacy Updates in Q3 2022: Major Developments Across the Globe

By Tripwire Guest Authors on Fri, 11/04/2022

Image The third quarter saw some major developments across the privacy space. In the U.S., we saw a federal bill for comprehensive privacy achieve more than ever before, children’s privacy proved to remain a top concern, and the Federal Trade Commission formally began its heavily criticized “Magnuson-Moss rulemaking” process. Not to...

Blog

New Canadian Cyberattack Data Says 80% of SMBs Are Vulnerable

By Tripwire Guest Authors on Tue, 10/25/2022

Image If you were to take a look at the cybersecurity news cycle, you’d be forgiven for thinking that it’s only large enterprises with expansive customer bases and budgets that are the most vulnerable to attacks. But that’s not entirely true. Even if it’s at a much smaller scale, small- and medium-sized businesses (SMBs) still have...

Blog

What the industry wants to improve on NIST Cybersecurity Framework 2.0

By Anastasios Arampatzis on Mon, 10/24/2022

Image The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014...

Blog

Place your budgets on the right cybersecurity for your business

By Chris Hudson on Thu, 10/20/2022

Image As budgets start to tighten for countless businesses concerned about the potential financial winter that many are predicting, security teams across the world are reviewing where best to place their investment to ensure they get the best “bang for their buck”. With that in mind, now might be time to explore some key areas where I...

Blog

Integrity Monitoring Use Cases: Compliance

By David Bruce on Wed, 10/19/2022

Image What is File Integrity Monitoring? The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations...

Guide

Zero Trust and the Seven Tenets

Whether you are new to information security, or you’re a long-time practitioner, it seems that “zero trust” is the latest initiative at the top of everyone’s priority list. Special Publication 800-207, created by the National Institute of Standards and Technology (NIST) offers guidance for instituting a zero trust architecture. The document outlines the basic tenets that form...

Do you Work in a SOC Noise Factory?

Beyond the firewall: How social engineers use psychology to compromise organizational cybersecurity

Insider Insights for the PCI DSS 4.0 Transition

Root Cause Analysis for Deployment Failures

Getting in Control of Financial Services Cybersecurity Regulations

A Day in the Life of a SOC Team

Insights for Navigating PCI-DSS 4.0 Milestones

CISA Publishes Advisory on Improving Network Monitoring and Hardening

30 Ransomware Prevention Tips

PCI DSS 4.0 Compliance

The State of the US National Cybersecurity Strategy for the Electric Grid

Healthcare Supply Chain Attacks Raise Cyber Security Alarm

How to deal with cyberattacks this holiday season

Getting started with Zero Trust: What you need to consider

Privacy Updates in Q3 2022: Major Developments Across the Globe

New Canadian Cyberattack Data Says 80% of SMBs Are Vulnerable

What the industry wants to improve on NIST Cybersecurity Framework 2.0

Place your budgets on the right cybersecurity for your business

Integrity Monitoring Use Cases: Compliance

Zero Trust and the Seven Tenets

Contact Information

Privacy Policy

Cookie Policy

Impressum