Blog

Blog

The Past, Present, and Future of File Integrity Monitoring

Also known as change monitoring, File Integrity Monitoring (FIM) solutions monitor and detect file changes that could indicate a cyberattack. They determine if and when files change, who changed them, and what can be done to restore files if those changes are unauthorized. As such, FIM solutions are useful for detecting malware and achieving compliance with regulations like PCI DSS and are a...
Blog

The Importance of Layered Cybersecurity Solutions

The threat of cyberattacks is at an all-time high. In fact, research shows that worldwide cybercrime costs are anticipated to reach $10.5 trillion annually by 2025. Cybercriminals threaten all, as 43% of cyberattacks target small enterprises. The rise of these threats underscores the importance of a robust cyber defense strategy, and one key way to do that is through layered cybersecurity...
Blog

VERT Threat Alert: October 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1127 as soon as coverage is completed. In-The-Wild & Disclosed CVEsCVE-2024-43573A vulnerability in the Windows MSHTML Platform has seen active exploitation attacks against a spoofing vulnerability. Based on the CWE that Microsoft selected...
Blog

Monitoring Your Files for Security and Compliance

Have you ever stopped to consider all of the components that comprise a working automobile? Even a cursory examination reveals more parts than might be considered when we turn the ignition key. However, many of these components are useless when detached from the full product. A steering wheel without a car is not exactly an efficient mode of transportation.However, when multiple entities work...
Blog

Navigating the Privacy Paradox: How Organizations Can Secure Customer Data While Ensuring Convenience

Privacy and convenience have always been at odds, especially regarding digital onboarding or online sign-ups. For modern organizations, striking a balance between the two has become increasingly important. At the same time, a recent report said 53% of customers suggest that they would give up their interaction with a brand if it took longer than two minutes, while as many as 87% expect basic...
Blog

VERT Threat Alert: September 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1123 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38217Windows uses the Mark of the Web (MoTW) to identify files downloaded from the Internet. This is done by setting the NTFS Zone.Identifier alternate Data...
Blog

Navigating Change: Three Levels to Filter Out the Noise in Tech Environments

Change is relentless. Technology evolves at breakneck speed, and security practitioners face a constant barrage of updates, system tweaks, and new tools. This relentless stream of modifications can create a clutter of information, making it challenging to pinpoint what is truly important.Effectively filtering through this noise through effective change management is critical for maintaining...
Blog

Guardians of the Files: Tracing the Evolution of File Integrity Monitoring

File Integrity Monitoring (FIM) is a cybersecurity process that involves continuously monitoring files and systems to identify any unauthorized changes. FIM solutions maintain file integrity by comparing a file or system's current state to a known, trusted baseline and flagging any discrepancies. It is key for identifying security breaches, preventing data tampering, and maintaining compliance...
Blog

VERT Threat Alert: August 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s August 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1119 as soon as coverage is completed.In-The-Wild & Disclosed CVEsCVE-2024-38178CVE-2024-38178 describes a vulnerability in the Microsoft Edge scripting engine when run in Internet Explorer Mode. On top of requiring Edge be running in...
Blog

Have You Heard About the New PCI 4.0 Section 1.2 Spec? Tripwire Makes Compliance Easy

If you’ve been keeping up with the Payment Card Industry Data Security Standard (PCI DSS), you’ll know it has a new specification that revolves around network security controls. Let’s dig into the details.A Little Back StoryIt helps to level-set for anyone who might be coming into this from a non-technical role. We all know PCI DSS (v4.0) is the payment card industry’s compliance standard for...
Blog

Navigating PCI DSS 4.0: Your Guide to Compliance Success

The transition to PCI DSS 4.0 is here. The transition period from PCI DSS 3.2 ended on March 31, 2024, so businesses in all sectors must focus on aligning their practices with the new requirements.This blog will guide you through the key points discussed by PCI experts Steven Sletten and Jeff Hall in a recent webinar held by Fortra on "PCI 4.0 is Here: Your Guide to Navigating Compliance Success....
Blog

Addressing Client-Side Risks in PCI DSS 4.0

It seems like such a short time ago that the Security Standards Council released the newest version of the Payment Card Industry Data Security Standard (PCI DSS). It has been a full year, and version 4.0 is now in effect. Industries that adhere to the Standard were given the year to implement the new changes. The Standard includes limited exceptions for specific requirements, classifying them as...
Blog

VERT Threat Alert: July 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s July 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1114 as soon as coverage is completed. In-The-Wild & Disclosed CVEsCVE-2024-38112A vulnerability in the Windows MSHTML Platform could allow spoofing to occur. Successful exploitation of this vulnerability requires that the attacker convince...
Blog

Superior Integrity Monitoring: Getting Beyond Checkbox FIM

Contrary to what one might expect, creating a File Integrity Monitoring (FIM) system is pretty easy. Practically anyone with a modicum of Python, Perl, or development skills can write an app or script to gather a file's checksum, compare it to a list or baseline, and tell you whether or not said file has changed.But creating a good FIM solution is hard. Many inadequate checkbox File Integrity...
Blog

How to Spot a Winning NERC CIP Project

The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) regulations often make exacting demands of Fortra Tripwire's customers, requiring them to update or create new change processes and document those processes in order to comply. In any NERC CIP-centered IT\OT project, there are always crucial indicators of success - even before the project gets...
Blog

Integrity and FIM: It’s More than Just Data Security

Integrity is a vital component of any cybersecurity policy, making up one-third of the CIA Triad. However, until recently, the industry has had a limited understanding of the term, using it primarily in the context of data security. Integrity means so much more than this principle alone: it impacts every facet of an information system and can drive an organization's entire security program. ...
Blog

VERT Threat Alert: June 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s June 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1110 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2023-50868 The only disclosed vulnerability we have this month, is CVE-2023-50868, a DNSSEC protocol level vulnerability that can lead to denial of service. The...
Blog

What Is the Difference between FIM and DLP?

Threats to sensitive data are everywhere. From sophisticated cybercriminal syndicates to accidental exposure to nation-state-backed advanced persistent threat (APT) groups and everything in between, it's never been more critical for organizations to have the correct data protection tools. When designing how to protect company information from loss...
Blog

How Can FIM Protect Against Insider Threats

An insider threat is someone inside an organization – including current and former employees, partners, and contractors – who, intentionally or otherwise, put their organization at risk. They typically abuse their access to private information and privileged accounts to steal or sabotage sensitive data, often for financial gain or even revenge. ...
Blog

Measuring the Effectiveness of File Integrity Monitoring Tools

A security incident can be the result of a single unauthorised change. A few may say, 'one change is inconsequential, don't sweat the small stuff.' But when it comes to infrastructure security, the detail is of paramount importance! Just a single edit to a single line item can have a negative effect on an entire file or operating system. It's...