Blog


Delaying PCI 3.1: Time to Dance the Compliance and Security Waltz

The recent announcement from the Payment Card Industry Security Standards Council (PCI SSC) that it will be moving the PCI 3.1 deadline to June 2018 – giving an extra 24 months – caught my attention and reminded me of the ongoing dance between compliance and security. From a compliance and operational standpoint, the new...

Are Financial Services IT Pros Overconfident in Data Breach Detection Skills?

Tripwire studied confidence vs. knowledge of financial services IT security pros on seven key security controls necessary to detect a data breach. For many controls IT pros believed they had the information necessary to detect a breach quickly but provided contradictory information about the specific data. ...

Keeping Up with PCI DSS 3.1

Earlier this year, the PCI Security Standards Council officially released PCI DSS 3.1 only months after its predecessor (version 3.0) came into effect. With a typical three-year period between standard revisions, the out-of-band update caught many off guard, especially organizations still in the process of complying with the...

80% of Retailers Failed Interim PCI Compliance Assessments

Despite retailers’ continuous improvement in compliance with the Payment Card Industry (PCI) security standards, four out of five companies are still failing at interim assessments, according to Verizon’s latest report. The report highlights that the overall state of compliance grew significantly in 2014, with 20 percent of...

Apple To Add New Security Alerts Following iCloud Hack

In response to the recent debacle in which hackers broke into multiple celebrities' personal Apple accounts and leaked private images on the web, Apple has stated it plans to launch additional security alerts warning users of possible intrusion.

Intrusion detection and the “kill chain”

Last week, I sat in on a briefing by a guy who calls himself “Four” who happens to be involved in intrusion detection for Facebook. He shared some interesting perspective at the Black Hat conference through a discussion of “Intrusion Detection Along the Kill Chain.” The information Four presented is based on the work done by Eric M. Hutchins, Michael J. Cloppert, Rohan M....