Resources

Blog

The Six Pillars of Cybersecurity

By Gary Hibberd on Thu, 11/16/2023

Winter is coming In the ever-evolving landscape of cloud computing, ensuring robust security measures has never been more important. In the new ISO 27001:2022 standard, there is a new requirement for organisations to establish control of their Cloud services, which includes every flavor of cloud from Software as a Service (SaaS) to Platform as a...

Blog

VERT Threat Alert: November 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 11/14/2023

Today’s VERT Alert addresses Microsoft’s November 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1082 on Wednesday, November 15th. In-The-Wild & Disclosed CVEs CVE-2023-36033 A vulnerability in the Microsoft Desktop Window Manager (DWM) could allow an attacker to gain SYSTEM level...

Blog

How Does IoT Contribute to Real-Time Grid Monitoring for Enhanced Stability and Fault Detection?

By Emily Newton on Tue, 11/14/2023

More decision-makers are investing in grid modernization efforts, knowing that doing so is necessary for keeping pace with modern demands. For example, smart grid fault-detection sensors could warn utility company providers of problems in real time, preventing costly and inconvenient outages. Technologies like the Internet of Things (IoT) can also...

Blog

Cloud Watching Report: Key Takeaways

By Anirudh Chand on Mon, 11/13/2023

The capabilities of cloud computing have changed the digital landscape significantly, and the popularity of cloud solutions only continues to increase. According to Gartner, the market for public cloud services is expected to surpass 700 billion USD by the end of 2024. The growth of cloud technologies presents a wealth of new opportunities for IT...

Blog

VERT Threat Alert: October 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 10/10/2023

Today’s VERT Alert addresses Microsoft’s October 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1077 on Wednesday, October 11th. In-The-Wild & Disclosed CVEs CVE-2023-41763 While this vulnerability is labeled as a Skype for...

Blog

How MSSPs Help with Cybersecurity Compliance

By Zack Jessee on Wed, 10/04/2023

While always a part of business, compliance demands have skyrocketed as the digital world gives us so many more ways to go awry. We all remember the Enron scandal that precipitated the Sarbanes-Oxley Act (SOX). Now, SOX compliance means being above board on a number of cybersecurity requirements as well. Fortra's Tripwire recently released a new...

Blog

What is NERC? Everything you need to know

By Michael Betti on Tue, 10/03/2023

Electric grids are part of every nation’s critical infrastructure. Every societal activity and business depends on reliable and safe electricity distribution. The US electric grid is a huge network of powerlines, distribution hubs, and renewable and non-renewable energy generators that is increasingly exposed to cyber-physical risks due to the...

Blog

ICS Environments and Patch Management: What to Do If You Can’t Patch

By Anastasios Arampatzis on Mon, 10/02/2023

The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Known unpatched vulnerabilities are often exploited by criminals to penetrate Industrial Control Systems (ICS) environments and disrupt critical...

Blog

Increasing Your Business’ Cyber Maturity with Fortra

By Antonio Sanchez on Wed, 09/20/2023

When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of the sheer size of...

Blog

How to Build an Effective ICS Security Program

By Michael Betti on Mon, 09/18/2023

How to Build an Effective ICS Security Program Of all the different areas of cybersecurity, not many are as important, or have as far-reaching consequences as industrial control systems (ICS) security. While most relevant organizations would agree that ICS security is a significant concern for their operations, it is easier said than done. Many...

Blog

VERT Threat Alert: September 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/12/2023

Today’s VERT Alert addresses Microsoft’s September 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1073 on Wednesday, September 13th. In-The-Wild & Disclosed CVEs CVE-2023-36761 Microsoft has indicated that a vulnerability...

Blog

OT Security: Risks, Challenges and Securing your Environment

By Katrina Thompson on Mon, 09/11/2023

Before the revolution of Information Technology (IT), the world experienced the revolution of Operational Technology (OT). Operational Technology is the combination of hardware and software that controls and operates the physical mechanisms of industry. OT systems play an important role in the water, manufacturing, power, and distribution systems...

Blog

10 Mistakes in Cybersecurity and How to Avoid Them

By Katrina Thompson on Mon, 09/11/2023

It's easy to rest on our laurels. Prevent a few breaches – or go long enough without one – and you start to feel invincible. While our efforts are certainly laudable, we can't get too comfortable. As defenders, we always need to be on the hunt for what we've missed and ways to do better. Here are ten common cybersecurity mistakes that crop up (and...

Datasheet

Tripwire Services Comparison Datasheet

Not all organizations have the internal resources necessary to manage their cybersecurity and compliance solutions in-house. This may seem like a roadblock to those who see the greater potential of their solutions and want to do more to reach their goals but cannot expand their technical teams due to the high demand for qualified candidates or budgetary limitations. However, the services available...

Blog

Working with a Reliable Partner for Cybersecurity Success

By Joe Pettit on Thu, 08/31/2023

Technology companies are often seen as revolving doors of constantly shifting personnel. Whether they are seeking a better work environment or chasing a higher paycheck, these staff changes can hurt an organization’s progress. Worse yet, the customers are often negatively impacted by these changes in the continuity of established relationships. At...

Blog

The CIA Debate: Which is the Most Important?

By Anastasios Arampatzis on Mon, 08/21/2023

The Confidentiality, Integrity and Availability (CIA) Triad is a crucial information security model that guides and assesses how an organization manages data during storage, transmission, and processing. Each component of the triad plays a vital role in maintaining information security: Confidentiality means that data should not be accessed...

Blog

Security Immutability: The Importance of Change

By Tyler Reguly on Mon, 08/14/2023

A few years ago, I wrote about the importance of security immutability. More specifically, I discussed how important it is that your environment be unchangeable in order to ensure that it remains secure. As I looked back on the article, I found it rather amusing that the article was published 4 years ago, but that feels like a lifetime ago. In the...

Guide

5 Things Your FIM Solution Should Do for You

File integrity monitoring (FIM) is a critical security control that helps organizations detect system changes in real-time that indicate impacts to compliance and potential cybersecurity incidents, empowering teams to respond rapidly. FIM is required by many major compliance standards such as North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), the...

Blog

Tripwire Enterprise: Five ‘Other’ Things You Should Know

By Faisal Parkar on Thu, 08/10/2023

Network engineers and security analysts have a lot in common. Both require the ability to not only understand the problems at hand but to ascertain the moments leading to them. A typical scenario would include a request to help with a problem a customer has been experiencing. The person you are trying to assist is probably a member of the IT team in...

Blog

VERT Threat Alert: August 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/08/2023

Today’s VERT Alert addresses Microsoft’s August 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1068 on Wednesday, August 9th. In-The-Wild & Disclosed CVEs CVE-2023-38180 A vulnerability in Kestrel could allow for a denial of...

The Six Pillars of Cybersecurity

VERT Threat Alert: November 2023 Patch Tuesday Analysis

How Does IoT Contribute to Real-Time Grid Monitoring for Enhanced Stability and Fault Detection?

Cloud Watching Report: Key Takeaways

VERT Threat Alert: October 2023 Patch Tuesday Analysis

How MSSPs Help with Cybersecurity Compliance

What is NERC? Everything you need to know

ICS Environments and Patch Management: What to Do If You Can’t Patch

Increasing Your Business’ Cyber Maturity with Fortra

How to Build an Effective ICS Security Program

VERT Threat Alert: September 2023 Patch Tuesday Analysis

OT Security: Risks, Challenges and Securing your Environment

10 Mistakes in Cybersecurity and How to Avoid Them

Tripwire Services Comparison Datasheet

Working with a Reliable Partner for Cybersecurity Success

The CIA Debate: Which is the Most Important?

Security Immutability: The Importance of Change

5 Things Your FIM Solution Should Do for You

Tripwire Enterprise: Five ‘Other’ Things You Should Know

VERT Threat Alert: August 2023 Patch Tuesday Analysis

Contact Information

Privacy Policy

Cookie Policy

Impressum