Resources

Blog

Defending against DDoS Attacks: What you need to know

Patience is one of those time-dependent, and often situational circumstances we experience. Few things define relativity better than patience. Think of the impatience of people who have to wait ten minutes in a line at a gas station, yet the thought of waiting ten minutes for a perfectly brewed cup of coffee seems entirely reasonable. It can’t be...
Blog

Increasing Your Business’ Cyber Maturity with Fortra

When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of the sheer size of...
Blog

General Data Protection Regulation (GDPR) – The Story So Far

Do you remember where you were on 25th May 2018? Perhaps you were enjoying a Friday night drink with friends. Perhaps you were with family, relaxing after a busy week at work. I was actually having a GDPR Birthday party with friends and colleagues because 25th May 2018 was a landmark day for the world of Data Protection (yes, seriously, we had a...
Blog

Guarding Against Fileless Malware: Types and Prevention

Fileless malware, true to its name, is malicious code that uses existing legitimate programs in a system for compromise. It operates directly in the Random Access Memory (RAM) without requiring any executable files in the hard drive. Differing from conventional malware, fileless attacks are stealthier in nature, falling under the category of low...
Datasheet

Tripwire Services Comparison Datasheet

Not all organizations have the internal resources necessary to manage their cybersecurity and compliance solutions in-house. This may seem like a roadblock to those who see the greater potential of their solutions and want to do more to reach their goals but cannot expand their technical teams due to the high demand for qualified candidates or budgetary limitations. However, the services available...
Blog

Working with a Reliable Partner for Cybersecurity Success

Technology companies are often seen as revolving doors of constantly shifting personnel. Whether they are seeking a better work environment or chasing a higher paycheck, these staff changes can hurt an organization’s progress. Worse yet, the customers are often negatively impacted by these changes in the continuity of established relationships. At...
Blog

Understanding Firewalls – Types, Configuration, and Best Practices for Effective Network Security

A firewall is a security device that controls the flow of traffic across a network. A firewall may be a hardware appliance, or it may be a piece of software that runs on a third-party operating system. Firewalls operate based on a set of pre-defined, as well as customizable security rules that inspect network traffic to block or permit access to a...
On-Demand Webinar

Expert Compliance Automation Tips for Financial Services

Cybersecurity compliance standards like the Payment Card Industry Data Security Standard (PCI DSS) and Society for Worldwide Interbank Financial Telecommunications (SWIFT) do an excellent job of hardening systems against breaches. This is especially important in the financial services sector, a common target for cybercriminals. This on-demand webinar presented by Senior Solutions Engineer Dan...
Blog

The Use of Natural Language Processing for Identifying and Mitigating Threats

As technology advances, the battle between cyber criminals and organizations intensifies. Cyber threats have become more sophisticated, complex, and widespread, posing a significant risk to the security and integrity of sensitive data. In Q1 2023 alone, the number of global cyber attacks increased by 7%, with an average of 1,248 attacks reported...
Blog

2023 Business Email Compromise Statistics

In cybersecurity, knowledge is everything. From APT intelligence to zero-day vulnerabilities, relevant and timely information can be the difference between a thwarted attack and a total disaster. With Business Email Compromise (BEC) attacks at their zenith, there has never been a better time for a comprehensive BEC report. As such, Fortra has...
Blog

Is Your MSP Taking Its Own Security Seriously?

Most small and midsized businesses trust an IT services partner to help them secure their networks. A few years ago, high-profile cyberattacks targeting MSP vendors Kaseya and SolarWinds thrust the security risk of relying on a complex chain of vendors into the technology media and moved the Department of Homeland Security to issue a statement...
Blog

An Introduction to Cyber Threat Intelligence: Key Concepts and Principles

Cyber Threat Intelligence (CTI), or threat intelligence, is evidence-based knowledge established from current cyber threats, gathered from myriad sources to identify existing or potential attacks. Threat intelligence assists in identifying the motives, targets, and attack behaviors of a threat actor and implementing strong defenses from future...
Blog

ATT&CKing the Center for Internet Security

I recently spoke at a Fortra Webinar about CIS and MITRE. More specifically, I discussed the intersection between the CIS Critical Security Controls, CIS Benchmarks, and MITRE ATT&CK. In this post, I won't go into deep details about the core background, but there are plenty of excellent references available online, including our breakdown of the...
Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
Blog

Insider Risk Hits Closer to Home

If you’re busy securing the perimeter, mandating strong authentication practices, and restricting software downloads, you may be missing the mark. (Just to be clear: if you are doing those things, keep it up. You’re off to a good start, and none of what follows here replaces classic and vital cybersecurity measures.) Protecting your organization...
Blog

Do you Work in a SOC Noise Factory?

Gabrielle is a security engineer. She deploys tools to scan for threats and vulnerabilities, read logs, and manage the security risks for her company, but is all that data really helping? Sometimes, it seems like she works in a noise factory instead of a SOC. The cacophony of all the log and event data and vulnerability scans are pouring into the...
Blog

Beyond the firewall: How social engineers use psychology to compromise organizational cybersecurity

A Social engineering attack is the process of exploiting weaknesses in human psychology to manipulate and persuade others to perform in a way that is harmful. Prior to the digital age, criminals would carry out these attacks in person, in what was known as a confidence game. The perpetrators were referred to a “con men”, regardless of their gender....
Blog

Root Cause Analysis for Deployment Failures

Root Cause Analysis (RCA) is a technique used to identify the underlying reasons for a problem, with the aim of trying to prevent it from recurring in the future. It is often used in change management processes to help identify the source of any issues that arise following any modifications to a system or process. RCA is something Tripwire...
Guide

Getting in Control of Financial Services Cybersecurity Regulations

Organizations in the financial sector are all too aware that their industry continues to be one of the top targets for cyber criminals. Among financial services and insurance organizations, the leading cause of breaches is system intrusion. That’s why so many cybersecurity compliance regulations have sprung up to ensure systems are kept hardened against attack. This guide will cover the main...
Blog

A Day in the Life of a SOC Team

This piece was originally published on Fortra’s AlertLogic.com Blog. Managed detection and response (MDR) would be nothing without a SOC (security operations center). They’re on the frontline of our clients’ defenses — a living, breathing layer of intelligence and protection to complement our automated cybersecurity features. These are the people...