Portland, OR, USA
Apr 11, 2021   |  By David Bisson
Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM Exchange exploit campaign.
Apr 8, 2021   |  By Tripwire Guest Authors
Hidden deep in Google’s release notes for the new version of Chrome that shipped on March 1 is a fix for an “object lifecycle issue.” Or, for the less technically inclined, a major bug. Bugs like these have been common in Chrome, leading some to wonder whether the world’s most popular web browser is as safe as it could be? Google created Chrome as a secure browser and has loaded it with a growing set of security features along the way.
Apr 7, 2021   |  By Graham Cluley
Cybercriminal extortionists have adopted a new tactic to apply even more pressure on their corporate victims: contacting the victims’ customers, and asking them to demand a ransom is paid to protect their own privacy. At the end of March, Bleeping Computer reported that the Clop ransomware gang had not stopped at threatening hacked companies and contacting journalists, but had taken the additional step of direct emailing victims’ customers whose details had been found in stolen data.
Apr 7, 2021   |  By Neil Harvey
Integrity is a word thrown around a lot in the cybersecurity space. That’s not surprising. It is one of the three components that make up the CIA Triad, after all. However, the meaning and use of the word has been relatively limited in many security circles up until now. Let’s take a look at the security industry more broadly. In most conversations dealing with integrity, data security and File Integrity Monitoring (FIM) controls often end up being the primary focal areas.
Apr 6, 2021   |  By Michael Betti
Asset management is a tricky subject. In many cases, organizations have no idea about how many assets they have, let alone where they are all located. Fortunately, there are tools that can assist with reaching your asset management goals. While Tripwire Enterprise (TE) is great for detecting unauthorized changes on your system and also for ensuring your systems are hardened (as well as stay hardened), you must first get a handle on managing the assets that you’re monitoring.
Apr 5, 2021   |  By Tripwire Guest Authors
When it comes to cybersecurity, industrial IT—consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises. It would take some time to close the gap, but concerted efforts have already been made to upgrade the security of industrial IT and improve the efficiency of OT and ICS.
Apr 5, 2021   |  By David Bisson
Organizations are increasingly turning to containers to fuel their digital transformations. According to BMC, a 2019 survey found that more than 87% of respondents were running containers—up from 55% just two years earlier. Additionally, 90% of survey participants that were running applications in containers were doing so in production. That was up from 84% in 2018 and two-thirds of surveyed IT professionals a year before that.
Apr 1, 2021   |  By Anastasios Arampatzis
The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% over the same period. Let’s face it. Critical infrastructure operators in manufacturing, aerospace, energy, shipping, chemical, oil and gas, pulp and paper, water and wastewater, and building automation are heavily relying on USB devices.
Apr 1, 2021   |  By Graham Cluley
CISA, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to urgently conduct the scans following widespread exploitation of vulnerabilities, in fear that some compromises may have remained undetected.
Mar 31, 2021   |  By Tripwire Guest Authors
Encryption has been a hot topic of discussion during the implementation phase of most data privacy laws. In the age where organizations are dealing with large volumes of data each day, the protection of this sensitive data is critical. The data, which is seen as a business-critical asset for organizations, should be protected against malicious hackers looking for opportunities to steal the data.
Mar 15, 2021   |  By Tripwire
Events like the recent Sunburst/SolarWinds and Florida water plant breaches serve as a reminder that the supply chain needs to be secured just as much as your organization’s in-house infrastructure. Protecting the supply chain is a matter of implementing the right cybersecurity controls to your multi-vendor environment, such as the 20 Center for Internet Security (CIS) Controls.
Mar 12, 2021   |  By Tripwire
Craig Young, Principal Security Researcher at Tripwire, unpacks the modern security researcher's toolkit to reverse engineer complex designs.
Feb 17, 2021   |  By Tripwire
Connected industrial systems are vulnerable to cyberattacks and operational mistakes. See how you can address remote access issues and protect your critical infrastructure with Tripwire.
Jan 5, 2021   |  By Tripwire
The Verizon Payment Security Report is a must-read for data security professionals, and the 2020 report is no exception. The theme of this year's report is 'Strategy.' In this quick video, Tripwire's Sr. Manager of R&D Anthony Israel-Davis digs a little deeper into the overarching theme—what strategy means when it comes to cybersecurity.
Dec 17, 2020   |  By Tripwire
As online sales surge, retail cybersecurity professionals are taking additional precautions to protect their organizations and their customers’ data. On top of this, the COVID-19 pandemic has driven even more consumers to turn to online shopping. Tripwire worked with Dimensional Research to better understand cybersecurity programs in the retail industry as they prepared for the holiday season.
Dec 15, 2020   |  By Tripwire
Tripwire can help you make your journey to the cloud more secure based on industry standards and best practices like the Center for Internet Security’s 20 CIS Controls. In this presentation, we highlight the cloud capabilities from Tripwire you might not already be aware of. See a guided demo of Tripwire Configuration Manager, and learn about common use cases around issues such as public vs private cloud storage security and multi-cloud compliance.
Nov 30, 2020   |  By Tripwire
As the industry's leading Secure Configuration Management (SCM) solution, Tripwire helps reduce your attack surface and risk exposure with proper system hardening and continuous configuration monitoring. See how Tripwire enables you to maintain a secure baseline configuration, monitor assets for deviations, while automating and guiding security teams for rapid repair of non-compliant systems and misconfigurations.
Nov 16, 2020   |  By Tripwire
Now more than ever, it’s important to make sure you have foundational security controls in place. Rather than recruiting and training in a scarce talent market, extend your team with a security-as-a-service model. Explore top businesses use cases for Tripwire ExpertOps with managed services experts Onyeka Jones and Jason Iler.
Oct 5, 2020   |  By Tripwire
Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks with PJ Norris, Senior Systems Engineer. Shares new research Shows common mistakes Offers solutions that help with hardening and compliance in the cloud
Sep 15, 2020   |  By Tripwire
Anthony Israel-Davis, Sr. Manager SaaS Ops at Tripwire, looks at why the risk exposure for a data breach isn't easy to calculate and how risk can be difficult for security leaders to communicate.|
Jun 4, 2019   |  By Tripwire
Learn how to use security File Integrity Monitoring effectively and strategically in your organization.
Jan 24, 2019   |  By Tripwire
Achieving DevOps security is as much a cultural effort as it is a technical one, and quality gates present the perfect opportunity to bridge the gap. Because they function within the bounds of regular DevOps processes, tools that bake security into the CI/CD pipeline by way of quality gates are more likely to win DevOps teams over.
Oct 26, 2018   |  By Tripwire
Learn how Log Management can complement SIEM, Security Analytics and Big Data tools within your organization.
Oct 26, 2018   |  By Tripwire
Establish and sustain the Four Essential Pillars of Federal Cybersecurity
Oct 1, 2018   |  By Tripwire
How to introduce security without losing the benefits of containers.
Oct 1, 2018   |  By Tripwire
Learn best practices to mitigate risk, automate compliance and reduce costs.
Sep 1, 2018   |  By Tripwire
Your 10-point DevOps Aligning DevOps and security is more than a matter of getting the right tools in place—it requires a cultural overhaul, too. That means taking a holistic approach to security that makes room for extra training and communication, as well as security tools designed specifically for DevOps. checklist.
Sep 1, 2018   |  By Tripwire
Given the challenges facing those responsible for securing enterprise computing environments, there is no better time to have the integrity talk.
Aug 1, 2018   |  By Tripwire
Building a Foundation for Cyber Integrity
Aug 1, 2018   |  By Tripwire
Your 10-point DevOps security checklist.

Tripwire is a leading provider of integrity assurance solutions that drive security, compliance and operational excellence. As the inventor of file integrity monitoring (FIM), Tripwire has a 20-year history of innovation. Tripwire’s award-winning portfolio includes configuration management, file integrity management, asset discovery, vulnerability management and log collection.

Stop Attacks, Upgrade Operations and Prove Compliance:

  • Monitor system integrity: Tripwire’s industry-leading FIM detects changes on assets across your enterprise, from on-premise data center to public cloud, and remediate them to a known and trusted state. Know who changed your systems with Tripwire Enterprise FIM.
  • Manage network vulnerabilities: Discover and profile all assets on your network with Tripwire IP360. Minimize manual effort through integration with your existing tools and processes. Get complete asset discovery with Tripwire’s easy system remediation.
  • Automate regulatory compliance: Reduce audit workload by leveraging the most extensive policy library in the industry. Automate workflows to achieve and maintain compliance over time with monitoring, audit evidence and reports.
  • Maximize operations uptime: Detect, audit and validate changes across your network to flag unauthorized changes for investigation, reduce unplanned work and speed up MTTR when incidents occur.

Protect against cyberattacks with the industry’s best foundational security controls. Detect threats, identify vulnerabilities, and harden configurations in real time with Tripwire.