Enterprise networks regularly see change in their devices, software installations and file content. These modifications can create risk for the organization. Fortunately, companies can mitigate this risk by implementing foundational security controls. For example, enterprises can monitor their important files for change using file integrity monitoring (FIM). This security measure enables IT...

Looking at the cyberthreat landscape, millions of new devices come online every day . But there’s a shortage of qualified cybersecurity workers to protect those devices once they come online. Additionally, in almost every case, it takes minutes or less to compromise them . Simply running more vulnerability scans to collect more data and generating more alerts isn’t the answer, with more than half...

To protect against evolving digital threats, more and more organizations are employing endpoint detection and response (EDR) systems on their computer networks. EDR consists of six crucial security controls. The first two, endpoint discovery and software discovery , facilitate the process of inventorying each device that is connected to the network and documenting all software applications running...

Tripwire studied confidence vs. knowledge of financial services IT security pros on seven key security controls necessary to detect a data breach. For many controls IT pros believed they had the information necessary to detect a breach quickly but provided contradictory information about the specific data.

This is the conclusion to a three-part series of building a successful vulnerability management program. The first installment focused on Stage One , the vulnerability scanning progress. Without a foundation of people and process, the remaining stages are prone to failure. The second installment focused on Stage Two and Three , using a vulnerability scanning technology to discover and inventory...

Recently, I introduced a three-part series on how to build a successful vulnerability management program. The first installment examined Stage 1 , the vulnerability scanning process. My next article investigates Stages 2 (asset discovery and inventory) and 3 (vulnerability detection), which occur primarily using the organization’s technology of choice for vulnerability scanning. In this case, the...

An enterprise vulnerability management program can reach its full potential when it is built on well-established foundational goals that address the information needs of all stakeholders, its output is tied back to the goals of the enterprise, and there is a reduction in the overall risk of the organization. Such vulnerability management technology can detect risk but it requires a foundation of...