Resources

Blog

Why Does Medical Imaging Equipment Need Better Cybersecurity?

Medical imaging cybersecurity needs to evolve to meet today’s security threats. Cyberthreats specifically targeting health care institutions have increased over recent years. More data is also at risk since patients have begun widely using telemedicine services. In addition to the risk of information theft, there is a very serious risk to patients,...
Blog

Privacy in Q2 2022: US, Canada, and the UK

The second quarter of 2022 offered plenty of positing on privacy, both in the U.S. and internationally. In the U.S., we saw the addition of another state privacy law, and a spark of hope in privacy professionals’ eyes with the introduction of tangible federal legislation. Plus, the Federal Trade Commission (FTC) is positioned to act on rulemaking...
Blog

5 Things We Learned from The Definitive Guide to Data Loss Prevention (DLP)

In the context of hybrid work, the threat of data loss is rampant. Cybersecurity systems that were once designed to operate within the confines of a network perimeter have become obsolete, with employees using various devices, networks, and applications to get their work done. As such, it’s easier than ever for companies to be vulnerable to the loss...
Blog

Black Hat USA 2022: Key Highlights

Arriving at the keynote hall for Black Hat 2022, I was immediately struck by the size of the crowd - after the seemingly endless pandemic hiatus, the cyber industry had come out in force. The mood was one of enthusiasm, and the entire place reverberated with the vibrancy of reunion. It was a great event for the industry - and for Fortra - and a few...
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 15th, 2022. I’ve also included some comments on these stories. Newly Uncovered PyPI Package Drops Fileless...
Blog

Email and cybersecurity: Fraudsters are knocking

Can you remember your first email? Either sending one, or receiving it? I certainly remember explaining to people what email was, and I also remember someone telling me they could live without their email server for "about a month before it becomes a problem".Can you imagine that now? A month without email?Emails are a necessary evilAccording to...
Blog

The State of Security: SIEM in 2022

The world of enterprise cybersecurity is exceedingly dynamic. In a landscape that is ever-changing, security professionals need to combat a class of evolving threat actors by deploying increasingly sophisticated tools and techniques. Today with enterprises operating in an environment that is more challenging than ever, Security Information and Event...
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 8st, 2022. I’ve also included some comments on these stories. Slack leaked hashed passwords from its servers for...
Blog

Interpreting the Key Points of The 2022 IBM i Marketplace Survey Results

This year marks the eighth edition of the popular IBM i Marketplace Survey Results. Each year, Fortra collects data about how companies utilize the IBM i platform and the IT enterprises it helps. Year after year, the survey has started to demonstrate long-term directions that provide useful information about the future of this entrusted technology. ...
Blog

A 5 Step Checklist for Complying with PCI DSS 4.0

In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements. Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in e-commerce and online...
On-Demand Webinar

Create Trust in Your Systems with Tripwire Enterprise

94% of unauthorized data access is through compromised servers. 90% of breaches are attributed to known and fixable vulnerabilities. It has never been more important to know your assets and how they’re configured.Organizations are turning to prescriptive guidance from proven sources, such as:The Center for Internet Security’s (CIS) BenchmarksNational Institute of Standards and Technology’s ...
On-Demand Webinar

Leveraging Change Control for Security

Implementing IT changes is imperative to the infrastructure of a business, but it can also open the door to breaches, viruses and malware, such as ransomware. So, how can organizations manage change effectively, maintain compliance and still reduce security risk? One answer lies in change management across your IT systems. Join Jeff Lawson, Sr. Director, Product Management at Tripwire, and Geoff...
On-Demand Webinar

Industrial Cybersecurity - What You Don't Know Might Hurt You

Getting a clear assessment of your assets is the first step toward developing a mature OT network or control system. A well maintained asset inventory allows your organization to quickly manage risk affecting your operations availability, reliability and safety. Industrial environments often need to map assets to NIST, ITIL, ISO, COBIT or process automation standards like ANSI/ISA99-IEC-62443. You can achieve significant efficiency improvement and save time within industrial environments by automating asset management instead of following manual spreadsheet processes. Cyber security experts David Meltzer, Chief Research Officer at Tripwire, Tony Gore, CEO at Red Trident Inc., and John Powell, Senior Critical Infrastructure Engineer at Red Trident Inc., will discuss the practical 1-2-3 basics of industrial cyber security and how to get started automating asset management. Attendees will also learn how to build an effective strategy for protecting industrial assets - networks, endpoints and controllers. Key Takeaways: Learn how to automate and simplify the inventory process and secure your assets Understand what cyber security standards may apply to your unique environment Hear real-world tips on how to prioritize and work across functional silos within your company Receive an industrial cyber security assessment checklist to help gauge your starting point
On-Demand Webinar

How Point-of-Sale Malware Works with Video Demo

Recently, we have seen increasingly sophisticated criminal syndicates targeting retailers. These groups have successfully compromised networks, exploited point-of-sale systems and exfiltrated massive amounts of credit card data from well-known retailers, including Target and more recently Home Depot, amongst many others. One of the key weapons in these criminal groups’ arsenal is customized...
On-Demand Webinar

How to Protect Against the Ransomware Epidemic

Ransomware has developed from a niche attack to a booming criminal market over the last year because the simple, turn-key business model behind ransomware infections doesn’t require any real technical skill to execute. As a result ransomware will continue to evolve and will continue to escalate for the foreseeable future. The good news is that there are simple steps you can take today using...
On-Demand Webinar

Cyber Kill Chain: Detecting Human Indicators of Compromise

Your organization’s greatest assets are also its greatest threat: People. Your greatest risk is those you trust. Last year, more than a third of data breaches were perpetrated by a malicious insider, such as an employee, contractor or trusted business partner. On average, an attack by an insider is also more likely to cost the most, averaging $412K per incident. The intentions of these insiders...
On-Demand Webinar

Advanced Analytics to Attain Risk Insights and Reduce Threat

In this informative webinar, Tripwire and Brinqa will highlight how security professionals can leverage security controls and analytics to gain more visibility and business context to protect sensitive data from breaches, vulnerabilities and threats.