Resources

Blog

NIST CSF 2.0: What you need to know

By Antonio Sanchez on Mon, 12/11/2023

Image Organizations looking to protect their sensitive data and assets against cyberattacks may lack the ability to build a cybersecurity strategy without any structured help. The National Institute of Standards and Technology (NIST) has a free, public framework to help any organization mature its IT security posture. Recently, the...

On-Demand Webinar

Top Security Misconfigurations to Watch Out For

Thu, 11/30/2023

Misconfigurations continue to be a leading cause of cybersecurity breaches. Luckily, you can prevent and correct them with the right knowledge and tools on your side. The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) recently released a joint cybersecurity advisory (CSA) sharing the most common misconfigurations observed by their Red...

Blog

SMB Protocol Explained: Understanding its Security Risks and Best Practices

By Dilki Rathnayake on Tue, 11/21/2023

Image Server Message Block (SMB) protocol is a communication protocol that allows users to communicate with remote servers and computers, which they can open, share, edit files, and even share and utilize resources. With the expansion of telecommunications, this protocol has been a prime target for threat actors to gain unauthorized...

Blog

Secure Access Control in 2024: 6 Trends to Watch Out For

By Gilad David Maayan on Wed, 11/15/2023

Image What Is Secure Access Control? Secure access control, part of the broader field of user management, is a key concept in the realm of information security, particularly in the business environment. It refers to the process of selectively restricting and allowing access to a place or resource. In the context of information...

Blog

How Does IoT Contribute to Real-Time Grid Monitoring for Enhanced Stability and Fault Detection?

By Emily Newton on Tue, 11/14/2023

Image More decision-makers are investing in grid modernization efforts, knowing that doing so is necessary for keeping pace with modern demands. For example, smart grid fault-detection sensors could warn utility company providers of problems in real time, preventing costly and inconvenient outages. Technologies like the Internet of...

Blog

Massive Surge in Security Breaches of Pensions Prompt Questions

By Josh Breaker-Rolfe on Thu, 11/02/2023

Image A recent report from RPC has revealed that cybersecurity breaches in UK pension schemes increased by 4,000% from 2021/22 to 2022/23. Understandably, the announcement has raised serious concerns about the efficacy of financial service organization’s cybersecurity programmes. Although the reasons for cyberattacks on financial...

Guide

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide...

Blog

5 Tripwire Enterprise Misconfigurations to Avoid

By Jeff Hines on Tue, 10/24/2023

Image Configuration management is vitally important as part of a sound cybersecurity strategy. We have previously published how patching alone is not enough, as that does not alter a system’s customized configuration. Misconfigurations can be as damaging to security as a deliberate attack on a system. As the manufacturer of Tripwire...

Blog

What is a CMDB?

By Lane Thames on Tue, 10/17/2023

Image There are countless tools and technologies available to help an organization stay on top of its IT assets, and a configuration management database (CMDB) is an extremely useful one. The database keeps track of relevant information regarding various hardware and software components and the relationships between them. It allows...

Blog

Understanding Cybersecurity Footprinting: Techniques and Strategies

By Dilki Rathnayake on Mon, 10/16/2023

Image Footprinting, also known as fingerprinting, is a methodology used by penetration testers, cybersecurity professionals, and even threat actors to gather information about a target organization to identify potential vulnerabilities. Footprinting is the first step in penetration testing. It involves scanning open ports, mapping...

Blog

Compliance vs. Security: Striking the Right Balance in Cybersecurity

By Jay Thakkar on Mon, 10/09/2023

Image Compliance and security often go hand in hand as ideas that attempt to protect against cyber threats. While both compliance and security are designed to lower risk, they are not mutually inclusive—that is, not everything that is required for compliance will necessarily help with security, and not everything that bolsters...

Blog

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

By Graham Cluley on Fri, 10/06/2023

Image A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many...

Blog

What is NERC? Everything you need to know

By Michael Betti on Tue, 10/03/2023

Image Electric grids are part of every nation’s critical infrastructure. Every societal activity and business depends on reliable and safe electricity distribution. The US electric grid is a huge network of powerlines, distribution hubs, and renewable and non-renewable energy generators that is increasingly exposed to cyber-physical...

Blog

ICS Environments and Patch Management: What to Do If You Can’t Patch

By Anastasios Arampatzis on Mon, 10/02/2023

Image The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Known unpatched vulnerabilities are often exploited by criminals to penetrate Industrial Control Systems (ICS) environments and...

Blog

Fighting AI Cybercrime with AI Security

By Tripwire Guest Authors on Mon, 10/02/2023

Image On August 10th, the Pentagon introduced "Task Force Lima," a dedicated team working to bring Artificial Intelligence (AI) into the core of the U.S. defense system. The goal is to use AI to improve business operations, healthcare, military readiness, policy-making, and warfare. Earlier in August, the White House announced a...

Blog

Closing Integrity Gaps with NIST CSF

By Lane Thames on Wed, 09/27/2023

Image The then-new 2014 NIST Cybersecurity Framework (CSF) was designed to plug security gaps in operational technology. It’s still in use today and more relevant than ever. Fortra’s whitepaper provides a cohesive review of this security staple and how to glean the best out of it for your strategy. A Brief History of NIST CSF “The...

Blog

Defending against DDoS Attacks: What you need to know

By Bob Covello on Mon, 09/25/2023

Image Patience is one of those time-dependent, and often situational circumstances we experience. Few things define relativity better than patience. Think of the impatience of people who have to wait ten minutes in a line at a gas station, yet the thought of waiting ten minutes for a perfectly brewed cup of coffee seems entirely...

Blog

Increasing Your Business’ Cyber Maturity with Fortra

By Antonio Sanchez on Wed, 09/20/2023

Image When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of...

Blog

How to Build an Effective ICS Security Program

By Michael Betti on Mon, 09/18/2023

Image How to Build an Effective ICS Security Program Of all the different areas of cybersecurity, not many are as important, or have as far-reaching consequences as industrial control systems (ICS) security. While most relevant organizations would agree that ICS security is a significant concern for their operations, it is easier...

Blog

Guarding Against Fileless Malware: Types and Prevention

By Dilki Rathnayake on Thu, 09/14/2023

Image Fileless malware, true to its name, is malicious code that uses existing legitimate programs in a system for compromise. It operates directly in the Random Access Memory (RAM) without requiring any executable files in the hard drive. Differing from conventional malware, fileless attacks are stealthier in nature, falling under...

NIST CSF 2.0: What you need to know

Top Security Misconfigurations to Watch Out For

SMB Protocol Explained: Understanding its Security Risks and Best Practices

Secure Access Control in 2024: 6 Trends to Watch Out For

How Does IoT Contribute to Real-Time Grid Monitoring for Enhanced Stability and Fault Detection?

Massive Surge in Security Breaches of Pensions Prompt Questions

10 Common Security Misconfigurations and How to Fix Them

5 Tripwire Enterprise Misconfigurations to Avoid

What is a CMDB?

Understanding Cybersecurity Footprinting: Techniques and Strategies

Compliance vs. Security: Striking the Right Balance in Cybersecurity

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

What is NERC? Everything you need to know

ICS Environments and Patch Management: What to Do If You Can’t Patch

Fighting AI Cybercrime with AI Security

Closing Integrity Gaps with NIST CSF

Defending against DDoS Attacks: What you need to know

Increasing Your Business’ Cyber Maturity with Fortra

How to Build an Effective ICS Security Program

Guarding Against Fileless Malware: Types and Prevention

Contact Information

Privacy Policy

Cookie Policy

Impressum