Blog
How to Leverage NIST Cybersecurity Framework for Data Integrity
By Lane Thames on Mon, 09/26/2022
Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity. Data integrity is the property that records have not been altered in an unauthorized manner. Tripwire is very proud to have contributed and...
Blog
Overheard at the SANS Security Awareness Summit 2022
By Anastasios Arampatzis on Thu, 09/22/2022
People have become the primary attack vector for cyber attackers around the world. As the Verizon Data Breach Investigations Report 2022 indicates, it is humans rather than technology that now represent the greatest risk to organizations. According to the SANS 2022 Security Awareness Report, the top three security risks that security professionals...
Blog
SecTor 2022: The IoT Hack Lab is Back!
By Tyler Reguly on Wed, 09/21/2022
Last year, it was great to be back at SecTor after everything was canceled in 2020. The capacity was reduced, but the Hack Lab was still plenty busy and we loved having everyone come by and visit our table and play with the gear. Even more than that, we were excited to meet up with so many friends that we hadn’t seen since 2019. We’re looking...
Blog
Top Phishing and Social Media Threats: Key Findings from the Quarterly Threat Trends & Intelligence Report
By Guest Authors on Sun, 09/18/2022
In today’s online landscape, it is crucial for organizations to stay on top of the threats that put their enterprises at risk. Agari and PhishLabs have put together their Quarterly Threat Trends & Intelligence Report detailing their analysis of phishing and social media attacks this quarter. The report presents statistics regarding the volume of...
Guide
A Tripwire Zero Trust Reference Architecture
The concept of Zero Trust Architecture is fairly straightforward. Networks and systems have been traditionally designed with the assumption that everybody inside a defined perimeter can be trusted and that everybody outside that perimeter is hostile. With that assumption, the idea of building an impenetrable wall around that perimeter makes perfect sense. Over time, and as technology has advanced,...
Guide
Climbing Vulnerability Management Mountain
Building your organization’s vulnerability management program is a daunting yet rewarding journey, similar to climbing a mountain. Doing this takes time, planning and hard work, but will be worth it when you get to the top.
To help you take on this challenge, Tripwire has outlined the five maturity levels you will use as your guide when building your program. Learn about how you can minimize risk...
Guide
Why Integrity Should Be Your Organizing Cybersecurity Principle
While integrity has been a common word in the cybersecurity lexicon for years, its meaning and use have been relatively limited. It may be time to reconsider its central role in security. The reality of always-connected networks, fluid data transfers across cloud and hybrid environments, and broadly deployed endpoints presents an opportunity to take a fresh look at integrity as an organizing...
On-Demand Webinar
How to Balance NERC CIPv6 vs. CIPv5 Compliance (and Why it Matters)
Mon, 08/15/2022
The extension of the NERC CIPv5 deadline to July 2016 means that registered entities have gained a small window of time for their compliance projects, but they now face a combined compliance deadline for CIPv5 and CIPv6 in July.
Join Nick Santora, CEO of Curricula, and Tim Erlin, Director of IT Risk & Security Strategist at Tripwire, for a discussion on the potential impact of CIPv6 on your...
On-Demand Webinar
How to Protect Against the Growing Ransomware Threat
Mon, 08/15/2022
Cybercriminals are looking for easier ways to earn higher profits from more lucrative targets. Follow these simple steps to help secure yourself from the growing ransomware threat.
On-Demand Webinar
How to Protect Against the Ransomware Epidemic
Mon, 08/15/2022
Ransomware has developed from a niche attack to a booming criminal market over the last year because the simple, turn-key business model behind ransomware infections doesn’t require any real technical skill to execute. As a result ransomware will continue to evolve and will continue to escalate for the foreseeable future.
The good news is that there are simple steps you can take today using...
On-Demand Webinar
Industrial Cybersecurity - What You Don't Know Might Hurt You
Mon, 08/15/2022
Getting a clear assessment of your assets is the first step toward developing a mature OT network or control system. A well maintained asset inventory allows your organization to quickly manage risk affecting your operations availability, reliability and safety. Industrial environments often need to map assets to NIST, ITIL, ISO, COBIT or process automation standards like ANSI/ISA99-IEC-62443. You can achieve significant efficiency improvement and save time within industrial environments by automating asset management instead of following manual spreadsheet processes. Cyber security experts David Meltzer, Chief Research Officer at Tripwire, Tony Gore, CEO at Red Trident Inc., and John Powell, Senior Critical Infrastructure Engineer at Red Trident Inc., will discuss the practical 1-2-3 basics of industrial cyber security and how to get started automating asset management. Attendees will also learn how to build an effective strategy for protecting industrial assets - networks, endpoints and controllers. Key Takeaways: Learn how to automate and simplify the inventory process and secure your assets Understand what cyber security standards may apply to your unique environment Hear real-world tips on how to prioritize and work across functional silos within your company Receive an industrial cyber security assessment checklist to help gauge your starting point
Product Video
Tripwire Threat Intelligence
Mon, 08/15/2022
Hundreds of thousands of new malware are being introduced every day. And half of legacy malware prevention systems are failing to detect zero day threats. Learn how you can better defend against these threats using Tripwire's Adaptive Threat Protection solutions.
Product Video
How Trusted Vendors Help Skillsoft Deliver Enhanced IT Security
Mon, 08/15/2022
Thanks to trusted vendors like Tripwire, Skillsoft was able to reduce its threat surface in the midst of significant corporate changes, all while achieving operational efficiency.
Blog
Tripwire Patch Priority Index for February 2021
By Lane Thames on Tue, 03/02/2021
Tripwire's February 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Apache, VMware and Microsoft.First on the patch priority list this month is a patch for Apache Tomcat. The Apache Tomcat "Ghostcat" vulnerability, identified as CVE-2020-1938, has been recently added to the Metasploit Exploit Framework.Next on the list...
Blog
The Security Wisdom of the All-Knowing CISO
By Guest Authors on Tue, 03/02/2021
Have you ever noticed how closely your role as the CISO of your organisation resembles that of the Wizard from “The Wizard of Oz?” As the Wizard, you are expected to be all-knowing, all-seeing and all-powerful. Your role is to keep everyone safe from the evils of the world while frantically pulling levers, pressing buttons and turning dials behind the...
Blog
Achieve CIS Compliance in Cloud, Container and DevOps Environments
By Ben Layer on Tue, 02/23/2021
If you are embracing DevOps, cloud and containers, you may be at risk if you’re not keeping your security methodologies up to date with these new technologies. New security techniques are required in order to keep up with current technology trends, and the Center for Internet Security (CIS) provides free cybersecurity best practices for many newer...
Blog
4 Key Cybersecurity Trends Confronting Canada’s Electric Sector
Mon, 02/22/2021
Digital attackers are increasingly targeting energy organizations including those that support national electric grids. As reported by Morning Consult, security researchers found that utilities worldwide had suffered a recorded 1,780 distributed denial-of-service (DDoS) attacks between June 15 and August 21, 2020. That’s a 595% year-over-year...
Blog
US charges North Koreans in relation to global cyber attacks
By Graham Cluley on Thu, 02/18/2021
The United States Department of Justice has charged three North Korean computer programmers with a range of cyber attacks that made headlines around the world.
The men - 31-year-old Jon Chang Hyok, Kim Il, 27, and 36-year-old Park Jin Hyok - are alleged to have been part of North Korea's Reconnaissance General Bureau (RGB), known commonly as the ...
Blog
VERT at the Movies: Cybergeddon
By Tyler Reguly on Tue, 02/16/2021
While I was teaching, one of my students asked if I had seen Cybergeddon, a film distributed by Yahoo! in 2012. I had not, so I decided it would be fun for VERT to watch the film and review it, since my hobby is writing film reviews for RotundReviews.Cybergeddon is not talked about as much as it should be given some of the background around it. It...