Datasheet
The Egypt Financial Cybersecurity Framework
Central Bank of Egypt (CBE) identified key areas of focus to tailor a cybersecurity framework to the unique requirements of the Egyptian financial sector. This framework will serve as the foundational guidance for cybersecurity capability development within this critical sector. This is the kick-off of a larger-scale effort by the CBE to build a robust and sustainable cybersecurity ecosystem...
Datasheet
Tripwire LogCenter: Centralized Log Mangement Made Simple
Given today’s environment of sophisticated security threats, security analytics solutions and regulatory compliance demands, the need for a more intelligent log solution has become clear.
Blog
Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS
By Tripwire Guest Authors on Wed, 08/31/2022
The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025. With digital commerce emerging as the largest segment in the projected $8.49 trillion global digital payments market in...
Blog
A 5 Step Checklist for Complying with PCI DSS 4.0
By Tripwire Guest Authors on Mon, 08/15/2022
In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements. Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in e-commerce and online...
PCI DSS 3.2 Prioritized Checklist
Many businesses that conduct transactions with credit or debit cards in person, online or by phone found they were behind in their preparations and compliance audits based on the latest Payment Card Industry’s Data Security Standard revision 3.2 (PCI DSS 3.2). Though the requirements have been in place since 2018, organizations should ensure continuous compliance to achieve a solid security...
Industrial Cybersecurity Attacks & Assessments
Table of Contents:
Popular ICS Assessment Services
Phase 1: ICS/SCADA Architecture Review, Asset Inventory and ICS/Isolation Review
Phase 2: Network Vulnerability Analysis
Phase 3: ICS/SCADA Security Assessment and Controls GAP Analysis
Phase 4: Documentation of Findings and Recommendations
...
On-Demand Webinar
How to Balance NERC CIPv6 vs. CIPv5 Compliance (and Why it Matters)
Mon, 08/15/2022
The extension of the NERC CIPv5 deadline to July 2016 means that registered entities have gained a small window of time for their compliance projects, but they now face a combined compliance deadline for CIPv5 and CIPv6 in July.
Join Nick Santora, CEO of Curricula, and Tim Erlin, Director of IT Risk & Security Strategist at Tripwire, for a discussion on the potential impact of CIPv6 on your...
Product Video
AAA: Getting Roadside Assistance from Tripwire
Mon, 08/15/2022
Tim Masey, Director of Enterprise Information Security at AAA, shared his company’s PCI journey: beginning with a small implementation of Tripwire, then running into roadblocks by Management for the expansion of products, and eventually moving forward with the implementation of Tripwire’s policy driven dashboards, rules and tasks for over 500 servers.
Guide
What Is CPS 234 and Who Needs to Comply with It?
In November 2018, the Australian Prudential Regulation Authority (APRA) released the Prudential Standard CPS 234 in direct response to the escalating attack landscape in the financial sector. APRA has understood these threats to be the direct result of banking services moving to more complex and heavily used digital platforms. The new standard emerged as an offshoot to the Notifiable Data Breach ...
Guide
How Finance Companies Bank on Tripwire ExpertOps
Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems. However, most breaches...
Guide
Sustaining SOX Compliance Through Automation Using COBIT Framework
Achieving compliance with the Sarbanes-Oxley Act (SOX) can be a monumental effort. Maintaining those controls and audit reporting on an ongoing basis can be even more difficult. The SEC recommends automated controls for more efficient and effective compliance results.
This white paper details the SOX requirements that are best addressed by automated controls using the COBIT framework in two core...
Guide
Five Critical Steps of a Complete Security Risk and Compliance Lifecycle
Maintaining security and compliance in today’s ever changing environment is a never ending task. To manage that task, the most successful companies adopt a systematic approach that promotes continuous improvement.
Tripwire is a leading provider of enterprise-class foundational controls for security, compliance and IT operations. Tripwire worked with its most successful customers to understand...
Guide
Security and Compliance for Remote Federal Workers
In response to the coronavirus ("COVID-19") pandemic, the Office of Management and Budget (OMB) made an unprecedented call for agencies to maximize telework flexibilities, resulting in 78 percent of the federal workforce working remotely. This abrupt and wide-scale shift to a remote work environment required agency security teams to adjust with little to no planning, placed a tremendous strain on...
Guide
PCI DSS and the CIS Controls
Benchmarks, Standards, Frameworks and Regulations: What’s the Difference?
The majority of IT security guidance to industry can be placed into one of these categories: benchmarks, standards, frameworks and regulations. Most address specific security issues and offer advice based on experience, collaborated information, authorities and activities (best practices) which have proven effective. They...