Blog

Blog
Blog

SCM and NERC: What You Need to Know

By Michael Betti on Tue, 04/16/2024
Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all of these security configurations can be a daunting responsibility for security or IT teams to focus on, which is where security...
Cybersecurity
Security Configuration Management
Blog
Blog

Embracing Two-Factor Authentication for Enhanced Account Protection

By Fortra Staff on Wed, 04/10/2024
Let’s start the second quarter of the year with boosting our security posture by adopting two-factor authentication methods on our accounts to make them more secure. Two-factor authentication (2FA) is an identity and access management security method that requires two forms of identification to access resources and data. The first factor you provide is a password (often referred to as something...
Cybersecurity
Security Configuration Management
Tripwire VERT
Blog
Blog

VERT Threat Alert: April 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 04/09/2024
Today’s VERT Alert addresses Microsoft’s April 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-26234 This CVE describes a Proxy Driver Spoofing Vulnerability that, thanks to Microsoft’s new CWE listings , we know is tied to Improper Access Control . From a...
Vulnerability & Risk Management
VERT Research
AI-ML-Digital-Everest-Dodging-System-Failure-Summit-Fever
Blog
Blog

AI/ML Digital Everest: Dodging System Failure Summit Fever

By Sandy Dunn on Mon, 04/08/2024
Summit Fever Syndrome, a cause of many extreme altitude climbers' deaths, is due to a lack of oxygen and mission blindness, which leads to impaired judgment where climbers take needless risks, disregard safety precautions, and make deadly errors. Deploying AI/ML models is like climbing Mount Everest. Both climbers and AI projects chase their peaks with (sometimes too much ) determination and...
Vulnerability & Risk Management
Cybersecurity
exploring-advanced-tripwire-enterprise-capabilities
Blog
Blog

Exploring Advanced Tripwire Enterprise Capabilities

By John Salmi on Fri, 04/05/2024
In today's digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While many of these tools are important and necessary, organizations often don't use them to their full potential. With any security tool...
Cybersecurity
File Integrity & Change Monitoring
Security Configuration Management
tripwire_vert_patch_priority_index
Blog
Blog

Tripwire Patch Priority Index for March 2024

By Lane Thames on Wed, 04/03/2024
Tripwire's March 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Google, and Apple. First on the patch priority list are patches for Windows Kernel and Multiple Apple products. These CVEs (CVE-2024-21338, CVE-2024-23296, CVE-2024-23225) have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog. Up next are patches for Microsoft Edge (Chromium...
Vulnerability & Risk Management
Bake-off: Ensuring Security in the Cyber Kitchen
Blog
Blog

Bake-off: Ensuring Security in the Cyber Kitchen

By Chris Hudson on Wed, 03/27/2024
I’ll start this one with an apology – I’ve been watching a lot of the TV show The Bear (which I’d highly recommend!) and thus been thinking a lot about kitchen processes and the challenges of making everything come together nicely (both in life and in a recipe). If you are unfamiliar with the show, it is a comedy-drama about a chef who manages his deceased brother’s sandwich shop. When I see...
File Integrity & Change Monitoring
Security Configuration Management
What is Log Management, and Why Do You Need It
Blog
Blog

What Is Log Management and Why you Need it

By Luis Colunga on Wed, 03/20/2024
Thanks to the burgeoning supply chain, a host of IoT and work-from-home devices, and an expanding cloud presence, organizations are constantly ingesting new hardware into their IT environments. With each new line of code comes a fresh chance for a hidden vulnerability. With each unfound weakness, attackers gain one more opportunity to gain a foothold in the organization and compromise sensitive...
Cybersecurity
File Integrity & Change Monitoring
Security Configuration Management
Critical insights into Australia’s supply chain risk landscape
Blog
Blog

Critical insights into Australia’s supply chain risk landscape

By Anirudh Chand on Tue, 03/19/2024
Australian organizations find themselves navigating a minefield of supply chain risks, with a surge in incidents stemming from multi-party breaches. These breaches are often caused by vulnerabilities in cloud or software providers and are emerging as a challenge that demands attention and proactive strategies. From July to December 2023, 483 data breaches were reported to the Australian...
Vulnerability & Risk Management
Cybersecurity
A hand placing teh final cube to a square made up of wooden blocks that show the image of a cog surrounded by a circle of arrows
Blog
Blog

Achieving continuous compliance with Tripwire’s Security Configuration Manager

By Taha Dharsi on Tue, 03/19/2024
Security and compliance are often tightly intertwined. The main difference is that sometimes security can outpace compliance efforts. While it is easy to infer that a more secure system exceeds a compliance requirement, an auditor should not be expected to deduce the state of a system; the evidence needs to be clear. There are many factors that can cause compliance shifts. Configurations are...
Security Configuration Management
Businessman hand using antivirus symbol to block a cyber attack represented by symbols
Blog
Blog

The Importance of Host-Based Intrusion Detection Systems

By Steven Sletten on Wed, 03/13/2024
What Is a Host-Based Intrusion Detection System (HIDS)? A host-based intrusion detection system, or HIDS , is a network application that monitors suspicious and malicious behavior, both internally and externally. The HIDS’ job is to flag any unusual patterns of behavior that could signify a breach. By bringing this activity to the team’s attention, the HIDS enables in-house staff to investigate...
Cybersecurity
Incident Detection & Investigation
Security Configuration Management
Blog
Blog

VERT Threat Alert: March 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/12/2024
Today’s VERT Alert addresses Microsoft’s March 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1097 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in the March Patch Tuesday release. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are gone...
Vulnerability & Risk Management
VERT Research
Hand holding wooden cube block arranging processing management on background
Blog
Blog

Reducing Cyber Risks with Security Configuration Management

By John Stanton on Tue, 03/12/2024
Protecting sensitive data and other assets requires an organization to be adaptable and stay informed on things like the digital landscape and threat trends. While some aspects of security are within an organization’s control, it can be extremely difficult to manage all of the risks and vulnerabilities that are likely to arise. Security configuration management (SCM) is one way to take control of...
Cybersecurity
Security Configuration Management
The Role of Security Configuration Management (SCM) in Preventing Cyberattacks
Blog
Blog

The Role of Security Configuration Management (SCM) in Preventing Cyberattacks

By Jay Thakkar on Tue, 03/05/2024
In the intricate realm of cybersecurity, the relentless surge of cyber threats demands a constant reassessment of defensive strategies. Amidst this dynamic landscape, a subtle yet indispensable player takes center stage — Security Configuration Management (SCM) . This blog embarks on an insightful journey into the critical role played by SCM in the ongoing battle against cyberattacks, shedding...
Cybersecurity
Security Configuration Management
TripwireBookClub
Blog
Blog

#TripwireBookClub – Black Hat GraphQL

By Tyler Reguly on Mon, 03/04/2024
The most recent book that we’ve read over here is Black Hat GraphQL: Attacking Next Generation APIs written by Dolev Farhi and Nick Aleks . The book is described as being for, “anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing.” As someone who works primarily with REST APIs , I was more interested in the introduction that it offered to...
Vulnerability & Risk Management
Cybersecurity
Patch Priority Index
Blog
Blog

Tripwire Patch Priority Index for February 2024

By Lane Thames on Mon, 03/04/2024
Tripwire's February 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, ConnectWise, and Google. First on the patch priority list are patches for ConnectWise ScreenConnect, Microsoft Exchange Server, Microsoft Windows SmartScreen, and Microsoft Windows Internet Shortcut files. These CVEs (CVE-2024-1709, CVE-2024-21410, CVE-2024-21351, CVE-2024-21412) have been...
Vulnerability & Risk Management
Cybersecurity
Customizing Security with Security Configuration Management (SCM)
Blog
Blog

Customizing Security with Security Configuration Management (SCM)

By Michael Betti on Thu, 02/22/2024
Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a configuration change prevented many breaches. Security configuration...
Cybersecurity
Security Configuration Management
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: February 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/13/2024
Today’s VERT Alert addresses Microsoft’s February 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1093 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-21351 This CVE describes a bypass in the Windows SmartScreen Security Feature. At this point, these bypasses have become relatively common and are frequently...
Vulnerability & Risk Management
VERT Research
3 Tips for Enterprise Patch Management
Blog
Blog

3 Tips for Enterprise Patch Management

By Lane Thames on Tue, 02/13/2024
With all the technology we have today, installing software updates has become a near-daily, full-time activity. Patch management for large-scale enterprise IT systems can be one of the most stressful parts of an IT professional’s job. In today’s large and evolving IT networks where many new services are going online every day and software components are flying straight from the supply chain to the...
Vulnerability & Risk Management
The Dangers of Default: Cybersecurity in the Age of Intent-Based Configuration
Blog
Blog

The Dangers of Default: Cybersecurity in the Age of Intent-Based Configuration

By Faisal Parkar on Tue, 02/06/2024
Technology has recently been evolving at the speed of light. We have seen the onset of increased cyber threats across all industries. Gone are the times when threat actors had a specific goal and target. We now live in an age where robots collect, collate, and save information for a more opportune and profitable day. It is ever more important to understand the security measures individuals and...
Compliance
Security Configuration Management