In today's digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While many of these tools are important and necessary, organizations often don't use them to their full potential. With any security tool...

Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis that I was part of reminded me that too often, the peanut butter and...

The shifting sands of IT make the adage "you never know it all" ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little something about everything. I was a young man with a voracious reading appetite and an active imagination – both of which were thoroughly outpaced by the growth of the internet and my own developing...

Network engineers and security analysts have a lot in common. Both require the ability to not only understand the problems at hand but to ascertain the moments leading to them. A typical scenario would include a request to help with a problem a customer has been experiencing. The person you are trying to assist is probably a member of the IT team in the organisation. During these situations, we...

How many security products does it take to monitor an organization? Even a small company often finds itself working with multiple monitoring tools to gain visibility into its security posture. This creates multiple blind spots, as a security analyst needs to jump between different tools with different formats and configurations to research a security incident. Adding to this problem is that the...

Tripwire recently announced the release of Tripwire Enterprise (TE), version 9.0, Axon Agent 3.27, and TE Agent 9.0.0. While the full list of features may be viewed on our web site , as a product manager, I wanted to take some time to introduce some of the changes in this new release. What’s new in Tripwire Enterprise 9.0? The first significant change is in the appearance of the interface. We...

Recent advancements in the digital landscape have led to a new kind of paradigm, one where enterprise perimeters are no longer clearly defined or limited. The rapid uptake of remote working, cloud, and IoT led to these prominent shifts, resulting in users, applications, and data no longer residing exclusively within the perimeters of the enterprise. This has led to enterprise perimeters becoming...

It’s no surprise that industrial environments have become increasingly valuable targets for malicious behavior. The State of Security has featured many cybersecurity events across myriad industrial verticals, including but not limited to chemical manufacturing , transportation , power generation and petrochemical . Several of these industries have taken great strides in improving their defense...

Many people remember where they were during historic events. Whether it is a personal, or a public occurrence, it’s just human nature to remember these significant moments. Every profession also has its share of memorable events. In medicine, those who were in the profession will remember where they were when they heard about the first heart transplant or the discovery of a cure for a particular...

Change detection is easy. What is not so easy, is reconciling change. Change reconciliation is where most organizations stumble. What was the change? When was it made? Who made it? Was it authorized? The ability to answer these questions are the elements that comprise change management. Historically, the haste of accomplishing a task consisted of a sysadmin moving full-speed ahead to satisfy the...