Resources | Tripwire


Product Video

AAA: Getting Roadside Assistance from Tripwire

Tim Masey, Director of Enterprise Information Security at AAA, shared his company’s PCI journey: beginning with a small implementation of Tripwire, then running into roadblocks by Management for the expansion of products, and eventually moving forward with the implementation of Tripwire’s policy driven dashboards, rules and tasks for over 500 servers.
Press Release

Tripwire Survey: Increase in connected devices is raising the stakes for industrial security

PORTLAND, Ore. – March 30, 2021 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of a new research report that assessed the security of connected devices across enterprise environments in 2021. Conducted for Tripwire by Dimensional Research this month, the survey evaluated the opinions of 312...

What Is CPS 234 and Who Needs to Comply with It?

In November 2018, the Australian Prudential Regulation Authority (APRA) released the Prudential Standard CPS 234 in direct response to the escalating attack landscape in the financial sector. APRA has understood these threats to be the direct result of banking services moving to more complex and heavily used digital platforms. The new standard emerged as an offshoot to the Notifiable Data Breach...

Why Integrity Should Be Your Organizing Cybersecurity Principle

While integrity has been a common word in the cybersecurity lexicon for years, its meaning and use have been relatively limited. It may be time to reconsider its central role in security. The reality of always-connected networks, fluid data transfers across cloud and hybrid environments, and broadly deployed endpoints presents an opportunity to take a fresh look at integrity as an organizing...

Verizon 2021 DBIR Response Checklist

The Verizon 2021 Data Breach Investigations Report (DBIR), which takes a deep dive into data-driven findings on the state of global cybersecurity across a number of industries, including manufacturing, healthcare, financial and public administration. This year’s report revealed trends behind 79,635 cybersecurity incidents and 5,258 confirmed data breaches across 88 countries. To help security...

Climbing Vulnerability Management Mountain

Building your organization’s vulnerability management program is a daunting yet rewarding journey, similar to climbing a mountain. Doing this takes time, planning and hard work, but will be worth it when you get to the top. To help you take on this challenge, Tripwire has outlined the five maturity levels you will use as your guide when building your program. Learn about how you can minimize risk...

Vulnerability Management Buyer's Guide

Most organizations understand the critical role that vulnerability management (VM) plays in helping them meet compliance requirements, ensure security and reduce risk. However, many organizations discover, only after investing in a solution, that it doesn’t properly address their needs. Avoiding this costly mistake can be difficult though, because at first glance many VM solutions appear similar...

15 Myths and Risk Factors in Vulnerability Management

Vulnerability management (VM) is a much talked about practice in the IT security industry. Whether it’s the debate on vulnerability scoring, how to implement a suitable VM program based on your own resources, or even trying to convince leadership a VM solution alone won’t solve all your cybersecurity issues, the debate is still strong. As one of the top three CIS Controls, VM is one of the first...

Tripwire State of Cyber Hygiene Report

Tripwire’s State of Cyber Hygiene report reveals the results of an extensive cybersecurity survey conducted in partnership with Dimensional Research. The survey examined if and how organizations are implementing security controls that the Center for Internet Security (CIS) refers to as "Cyber Hygiene." Real-world breaches and security incidents prove over and over again that many of the most...

How Finance Companies Bank on Tripwire ExpertOps

Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems. However, most breaches...

A Tripwire Zero Trust Reference Architecture

The concept of Zero Trust Architecture is fairly straightforward. Networks and systems have been traditionally designed with the assumption that everybody inside a defined perimeter can be trusted and that everybody outside that perimeter is hostile. With that assumption, the idea of building an impenetrable wall around that perimeter makes perfect sense. Over time, and as technology has advanced...

Understanding Your Attack Surface: The First Step in Risk-based Security Intelligence

As chief information security officer (CISO), it’s now a job requirement to effectively communicate with your non-technical C-suite and board of directors—preferably not just after there’s been a breach. This is the first in a series of executive white papers designed to share strategies for reducing your attack surface risk as well as how to clearly and objectively communicate your overall security posture to non-technical executives. Download this white paper and learn about: The definition of “attack surface” — and risks associated Design goals of attack surface analytics What non-technical C-suite executives and board members want

Multi-Cloud Security Best Practice Guide

When you opt to use multiple cloud providers, you’re implementing a multi-cloud strategy. This practice is increasingly common, and can refer to mixing SaaS (software as a service) and PaaS (platform as a service) offerings as well as public cloud environments that fall under the IaaS (infrastructure as a service) category. The most common public cloud environments today are Amazon Web Services...

Sustaining SOX Compliance Through Automation Using COBIT Framework

Achieving compliance with the Sarbanes-Oxley Act (SOX) can be a monumental effort. Maintaining those controls and audit reporting on an ongoing basis can be even more difficult. The SEC recommends automated controls for more efficient and effective compliance results. This white paper details the SOX requirements that are best addressed by automated controls using the COBIT framework in two core...

The Changing Role of the CISO

The chief information security officer, or CISO, is essential to the smooth and safe operation of any large organization. Over the past few years, though, the scope and scale of the CISO’s task has increased markedly. No longer simply a head of IT security, the CISO is responsible for a far wider range of cyber defenses and protective measures that extend well beyond the organization’s perimeter...

Threat Prevention is Foundational

How proper foundational controls help block today’s advanced threats

Five Critical Steps of a Complete Security Risk and Compliance Lifecycle

Maintaining security and compliance in today’s ever changing environment is a never ending task. To manage that task, the most successful companies adopt a systematic approach that promotes continuous improvement. Tripwire is a leading provider of enterprise-class foundational controls for security, compliance and IT operations. Tripwire worked with its most successful customers to understand the...