Tripwire has been a strategic partner to the U.S. Federal Government for over 20 years, helping thousands of federal customers improve their cybersecurity. As the pioneers of file integrity monitoring (FIM), Tripwire’s expertise is built on a history of innovation that includes over 40 patents. Teaming with parent company Belden, Tripwire also brings 100+ years of expertise and integration with...

In May 2015, Ponemon Institute and ID Experts conducted a benchmark that found that, for the first time, criminal attacks are primary cause of healthcare data breaches. This is a 125 percent increase over the past five years. Why? Because healthcare organizations and their business partners obtain and share highly valuable patient data. And, taken as a whole, the healthcare industry provides a...

The value of electronic health record (EHR) systems is immense. These digital records are designed to be available anytime and anywhere, connecting healthcare providers with patient data. EHRs are a central repository of patient medical histories, medications, diagnoses, immunization dates, allergies, lab results and radiology images. With access to this accurate patient information, providers can...

The value of electronic medical record (EMR) systems is immense. These digital records are designed to be available anytime and anywhere, connecting healthcare providers with patient data. EMRs are a central repository of patient medical histories, medications, diagnoses, immunization dates, allergies, lab results and radiology images. With this accurate and up to date patient information...

An Extremely Brief History of ICS Security Industrial control systems (ICS) proliferated before cybersecurity became the mission-critical concern it is today. The shift to new network technologies improves data collection, efficiency and time-to-market, but it also produces new cybersecurity risks: Many ICS are purpose-built and proprietary, making them out of sync with modern cybersecurity...

The trend of mass migration to the cloud brings benefits like lower operating costs, easier deployability, and the flexibility of an elastic environment. However, it’s crucial to understand that the responsibility to secure your cloud infrastructure still falls on your organization. Cloud providers allow organizations to take advantage of their infrastructure, resulting in a shared model for...

North American electric utility companies constantly balance the need to be audit-ready for NERC CIP compliance against their top priority: ensuring the reliability of the bulk electric system. NERC CIP compliance, especially when approached using manual methods, is complex, time-consuming, and prone to human error. Further, NERC CIP requirements often infer security skill sets beyond those of...

Tripwire provides an integrated suite of solutions to help solve security challenges facing organizations within today’s Department of Defense. Tripwire tools have been used within government and military organizations in both tactical and non tactical environments to ensure system hardening through security configuration management, real time threat detection with continuous monitoring, and data...

Many organizations face the challenging threat environment by strategically choosing a security controls framework as a reference for initiating, implementing, measuring, and evaluating their security posture, as well as managing risk. While many frameworks are available, one of the most notable and commonly used is the Center for Internet Security’s CIS Controls. This well known framework has the...

It’s not enough to cast a wide cybersecurity net and hope you catch the adversaries trying to compromise your data. Instead, you need to narrow your focus to make your efforts truly impactful. But which of the countless potential cybersecurity attacks out there should you choose to prioritize? MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework and the Center for...

The multiport EAGLE40 next generation firewalls offer a comprehensive cybersecurity solution to maximize uptime in today’s stringent automated environments. Ensure heightened performance capabilities with more port options, each at one gigabit per second (Gbit/s) bandwidth Protect against physical and virtual threats with ruggedized housing and Stateful and Deep Packet Inspection (SPI/DPI) modules...

Endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions play a critical role in reducing the risk of successful attacks that exploit weakly configured endpoints and systems. These solutions alert security teams on potential cyberattacks, help with remediating misconfigurations, and can be delivered via an agent or through a service in the cloud. Where EPP/EDR Can...

Building customer trust is paramount to the success of any company, but perhaps nowhere more so than in the banking industry. Cyberattack strategies are increasingly innovative, putting pressure on banks to protect their data or make the headlines when the next big breach takes place. The Bangladesh cyber heist of 2016 is one infamous example of threat actors’ ingenuity: Hackers used malware to...

FISMA requires federal agencies, and by extension, the foundations, educational institutions, organizations that receive federal funds as well as the contractors that do business with them, to develop, document, and implement information security programs to protect the confidentiality, integrity and availability of the data and systems that support government operations and assets. In meeting...

As a security professional, you’re tasked with protecting your organization against attacks, detecting threats, identifying vulnerabilities and hardening configurations. But in an increasingly crowded marketplace, how do you choose the right cybersecurity partner? From experience and technical innovation to security expertise, Fortra's Tripwire stands out from the competition. Here are 10 reasons...

Over the past several years, the number of known vulnerabilities has grown drastically, and has continued to challenge security and operations teams to keep pace with the continuing flow of new security advisories. One of the biggest problems is accurately determining which vulnerabilities present the greatest risk to prioritize remediation efforts. Most vulnerability management tools use crude...

There is a misunderstanding that if you are compliant, you are secure. This isn’t the case. For example, adhering to PCI DSS v4.0 will only allow you to tick the box to say you are PCI compliant in that moment. It gives you a snapshot in time of where you are in your compliance journey. But it won’t prevent your company from suffering a breach—along with incurring fines and reputational damages...