Blog

Blog

Tripwire Enterprise Use Cases – Advanced Monitoring

Many people remember where they were during historic events. Whether it is a personal, or a public occurrence, it’s just human nature to remember these significant moments. Every profession also has its share of memorable events. In medicine, those who were in the profession will remember where they were when they heard about the first heart...
Blog

Privacy Updates in Q3 2022: Major Developments Across the Globe

The third quarter saw some major developments across the privacy space. In the U.S., we saw a federal bill for comprehensive privacy achieve more than ever before, children’s privacy proved to remain a top concern, and the Federal Trade Commission formally began its heavily criticized “Magnuson-Moss rulemaking” process. Not to be outdone, the...
Blog

Integrity Monitoring Use Cases: Security

Compliance is an essential aspect of every organization, and in business terms, it entails ensuring that organizations of all sizes, and their personnel, comply with national and international regulations, such as GDPR, HIPAA, and SOX. When guaranteeing compliance, many firms frequently overlook security. Gary Hibberd states that compliance...
Blog

New Canadian Cyberattack Data Says 80% of SMBs Are Vulnerable

If you were to take a look at the cybersecurity news cycle, you’d be forgiven for thinking that it’s only large enterprises with expansive customer bases and budgets that are the most vulnerable to attacks. But that’s not entirely true. Even if it’s at a much smaller scale, small- and medium-sized businesses (SMBs) still have stores of sensitive...
Blog

Why Law Firms Should Use Integrity Monitoring to Maintain Confidentiality

Law firms owe their clients several types of duties, such as the duty of care, duty to provide competent representation, as well as other ethical responsibilities. Their duties even extend to former clients and must be upheld long after they no longer have a formal attorney-client relationship. More specifically, lawyers have a duty to not disclose...
Blog

Shifting Left with SAST, DAST, and SCA: Advanced Best Practices

In the past, teams incorporated security testing far after the development stage of the Software Development Lifecycle (SDLC). Security testing would influence whether the application would to proceed to production, or get passed back to the developers for remediation. This process caused delays while teams worked on remediation or, worse yet, it...
Blog

Integrity Monitoring Use Cases: Compliance

What is File Integrity Monitoring? The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations of those assets. In...
Blog

How to Fulfill Multiple Compliance Objectives Using the CIS Controls

Earlier this year, I wrote about what’s new in Version 8 of the Center for Internet Security’s Critical Security Controls (CIS Controls). An international consortium of security professionals first created the CIS Controls back in 2008. Since then, the security community has continued to update the CIS Controls to keep pace with the evolution of...
Blog

What Is FIM (File Integrity Monitoring)?

Change is prolific in organizations’ IT environments. Hardware assets change. Software programs change. Configuration states change. Some of these modifications are authorized insofar as they occur during an organization’s regular patching cycle, while others cause concern by popping up unexpectedly.Organizations commonly respond to this dynamism by...
Blog

CIS Control 14: Security Awareness and Skill Training

Users who do not have the appropriate security awareness training are considered a weak link in the security of an enterprise. These untrained users are easier to exploit than finding a flaw or vulnerability in the equipment that an enterprise uses to secure its network. Attackers could convince unsuspecting users to unintentionally provide access...
Blog

CIS Control 13: Network Monitoring and Defense

Networks form a critical core for our modern-day society and businesses. People, processes, and technologies should be in place for monitoring, detecting, logging, and preventing malicious activities that occur when an enterprise experiences an attack within or against their networks. Key Takeaways for Control 13 Enterprises should understand that...
Blog

CIS Control 12: Network Infrastructure Management

Networks form a critical core for our modern-day society and businesses. These networks are comprised of many types of components that make up the networks’ infrastructure. Network infrastructure devices can be physical or virtual and include things such as routers, switches, firewalls, and wireless access points. Unfortunately, many devices are...
Blog

CIS Control 11: Data Recovery

Data loss can be a consequence of a variety of factors from malicious ransomware to hardware failures and even natural disasters. Regardless of the reason for data loss, we need to be able to restore our data. A data recovery plan begins with prioritizing our data, protecting it while it is being stored, and having a plan to recover data. Key...
Blog

CIS Control 10: Malware Defenses

With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing the enterprise. Anti-Malware technologies have become an afterthought in many organizations, a technology that they’ve always had, always used, and never really thought about. This control serves as a reminder that this technology is...
Blog

CIS Control 09: Email and Web Browser Protections

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A...
Blog

CIS Control 08: Audit Log Management

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collection logs and regular review is useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of...
Blog

CIS Control 07: Continuous Vulnerability Management

When it comes to cybersecurity, vulnerability management is one of the older technologies that still play a critical role in securing our assets. It is often overlooked, disregarded, or considered only for checkbox compliance needs, but a proper vulnerability management program can play a critical role in avoiding a series data breach. CIS Control...
Blog

CIS Control 06: Access Control Management

CIS Control 6 merges some aspects of CIS Control 4 (admin privileges) and CIS Control 14 (access based on need to know) into a single access control management group. Access control management is a critical component in maintaining information and system security, restricting access to assets based on role and need. It is important to grant, refuse,...
Blog

CIS Control 05: Account Management

Knowing who has credentials, how those credentials are granted, and how they are being used is the foundation of any secure environment. It begins with user accounts and the credentials they use. Maintaining a thorough inventory of all accounts and verifying any changes to those accounts as authorized and intentional vs unintended is paramount to...
Blog

CIS Control 04: Secure Configuration of Enterprise Assets and Software

Key Takeaways for Control 4 Most fresh installs of operating systems or applications come with pre-configured settings that are usually insecure or not properly configured with security in mind. Use the leverage provided by multiple frameworks such as CIS Benchmarks or NIST NCP to find out if your organization needs to augment or adjust any...