Guide
FISMA SI-7 Buyer's Guide
The FISMA SI-7 Buyer’s Guide focuses on one of the most difficult security controls agencies must adhere to: NIST 800-53 SI-7. Learn what solutions to look for.
Guide
Executing an Efficient Cloud Security Strategy
How do organizations execute an efficient cloud security strategy and find the right cloud security tools? Tripwire asked a range of cloud security experts to share their thoughts on some of the key challenges regarding secure cloud storage and cloud computing security.
Guide
18 Expert Tips for Effective and Secure Cloud Migration
Organizations are increasingly migrating to the cloud to process their IT resources. Gartner predicts that cloud data centers will process 92 percent of workloads by 2020 1 , while Cisco forecasts cloud workloads to increase 3.2x in that span of time 2 . Under the Shared Responsibility Model, migrating organizations need to ensure security in the cloud by taking adequate measures to protect their...
Guide
Cloud Control Buyer's Guide
Introduction The world of IT is moving to the cloud for flexibility, on-demand computing resources, and speed just to name a few benefits. Market data varies but estimates of cloud usage show that in the range of 20–25% of overall compute workloads are operating in public cloud environments today, with that expected to grow to 50% over the next 5–10 years. However, most organizations haven’t moved...
Guide
Cloud Article Anthology, vol. 1
Security leaders charged with reducing their organizations’ cloud attack surfaces have to stay continually up-to-date in a security landscape that changes in the blink of an eye. This anthology of insights from some of Tripwire’s leading cloud experts will help you understand how to prioritize and tackle your cloud security imperatives. Download your copy now to learn: Eight cloud security best...
Datasheet
Implementing FISMA SI-7
To enhance your Federal Information Security Management Act (FISMA) compliance grade, you must implement one of the most challenging controls in NIST SP 800-53: the Controls, Family: System Information & Integrity (SI) 7 requirement. SI-7 states that organizations must employ automated and centrally managed integrity verification tools to detect unauthorized change. This level of visibility can be...
Datasheet
Tripwire Cloud Deployment Services
Cloud computing has transformed business and government at an extraordinary pace by delivering business-supporting technology more efficiently than ever. The cloud has changed the way IT thinks about how to design and deliver computing technology applications and, according to Gartner, by 2015 10% of enterprise IT security will be delivered in the cloud. What if enterprises could improve IT...
Datasheet
Meeting FISMA SI-7 with Tripwire Integrity Monitoring
To enhance your Federal Information Security Management Act (FISMA) compliance grade, you must implement one of the most challenging controls in NIST SP 800-53: the Controls, Family: System Information & Integrity (SI) 7 requirement. SI-7 states that organizations must employ automated and centrally managed integrity verification tools to detect unauthorized change. This level of visibility can be...
Datasheet
Cloud Data Security: Implementing Smarter Cloud Security
The trend of mass migration to the cloud brings benefits like lower operating costs, easier deployability, and the flexibility of an elastic environment. However, it’s crucial to understand that the responsibility to secure your cloud infrastructure still falls on your organization. Cloud providers allow organizations to take advantage of their infrastructure, resulting in a shared model for...
Datasheet
Automating FISMA Compliance with Tripwire Security Configuration Management
FISMA requires federal agencies, and by extension, the foundations, educational institutions, organizations that receive federal funds as well as the contractors that do business with them, to develop, document, and implement information security programs to protect the confidentiality, integrity and availability of the data and systems that support government operations and assets. In meeting...
Blog
VERT Threat Alert: August 2022 Patch Tuesday Analysis
By Tyler Reguly on Tue, 08/09/2022
Today’s Patch Tuesday VERT Alert addresses Microsoft’s August 2022 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1015 on Wednesday, August 10th. In-The-Wild & Disclosed CVEs CVE-2022-34713 According to Microsoft, CVE-2022-34713 is a variant of the Dogwalk vulnerability . There has been a lot of Twitter discussion around this Dogwalk as...
Blog
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022
By Andrew Swoboda on Mon, 08/08/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 1 st , 2022. I’ve also included some comments on these stories. Windows 11 Smart App Control blocks files used to push malware Smart App Control, a Windows 11...
Blog
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022
By Andrew Swoboda on Mon, 08/01/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of July 25, 2022. I’ve also included some comments on these stories. SonicWall fixed critical SQLi in Analytics and GMS products Security company SonicWall addressed a...
Guide
Cybersecurity for Work-From-Home Tools
This guide covers the biggest challenges securing work-from-home tools and three actionable steps you can take to overcome them.
Blog
VERT Threat Alert: July 2022 Patch Tuesday Analysis
By Tyler Reguly on Tue, 07/12/2022
Today’s VERT Alert addresses Microsoft’s July 2022 Security Updates . VERT is actively working on coverage for these Patch Tuesday vulnerabilities and expects to ship ASPL-1011 on Wednesday, July 13th. In-The-Wild & Disclosed CVEs CVE-2022-22047 Microsoft is reporting this month that a single vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) is the only one that has seen active...
Blog
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022
By Andrew Swoboda on Mon, 06/27/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 20, 2022. I’ve also included some comments on these stories. Over a Dozen Flaws Found in Siemens' Industrial Network Management System Cybersecurity researchers have...
Blog
VERT Threat Alert: June 2022 Patch Tuesday Analysis
By Tyler Reguly on Tue, 06/14/2022
Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th. In-The-Wild & Disclosed CVEs None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However, Microsoft did update last month’s security...
Blog
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022
By Andrew Swoboda on Mon, 06/13/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories. Another nation-state actor exploits Microsoft Follina to attack European and US entities A nation-state...
Blog
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022
By Andrew Swoboda on Mon, 06/06/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 30, 2022. I’ve also included some comments on these stories. Vendor Refuses to Remove Backdoor Account That Can Facilitate Attacks on Industrial Firms Korenix JetPort...
Blog
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022
By Andrew Swoboda on Mon, 05/23/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 16, 2022. I’ve also included some comments on these stories. Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability The U.S. Cybersecurity and...