Resources

ICS-Environments-and-Patch-Management-What-to-Do-If-You-Cant-Patch
Blog

ICS Environments and Patch Management: What to Do If You Can’t Patch

By Anastasios Arampatzis on Wed, 03/05/2025
The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Criminals often exploit known unpatched vulnerabilities to penetrate Industrial Control Systems (ICS) environments and disrupt critical operations. Although patch management seems like the obvious...
Vulnerability & Risk Management
File Integrity & Change Monitoring
Industrial Control Systems
Fortra Datasheet
Datasheet

Why Energy Utilities Can Count on Fortra’s Tripwire

As an energy industry professional, you understand the consequences of subpar protection and the need for reliable, iron-clad security controls. Evaluating new cybersecurity software to protect your energy environment shouldn’t involve guesswork, especially when you are trying to match capabilities to your particular needs. This datasheet provides a quick view of Tripwire’s energy solution. See...
Cybersecurity
Compliance
NERC CIP
Fortra Webinar
On-Demand Webinar

Navigating ATT&CK and Your Cybersecurity Posture

Mon, 12/16/2024
Are you interested in using the MITRE ATT&CK framework to determine your cybersecurity posture and stop the kill chain in its tracks? Or wondering how to evaluate the effectiveness of your cybersecurity tools? The MITRE ATT&CK framework helps create better informed cybersecurity teams as well as better informed cybersecurity buyers. At a time when every dollar...
Vulnerability & Risk Management
Compliance
IT Security Operations & Asset Discovery
Guide

Navigating DISA Compliance the Smart Way

The Defense Information Systems Agency (DISA) is a United States federal agency that supports the Department of Defense (DoD) with IT services, communications technology, and regulatory compliance standards for DoD-connected networks and infrastructure. This pivotal agency creates and maintains multiple facets of DoD cybersecurity, including the Cybersecurity Service Provider (CSSP) program and...
Cybersecurity
Compliance
IT Security Operations & Asset Discovery
Steps for Successful Vulnerability Management: Lessons from the Pitch
Blog

Steps for Successful Vulnerability Management: Lessons from the Pitch

By Anthony Israel-Davis on Mon, 12/09/2024
When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill, talent and luck.Now that I'm older, I watch more than I play, and I'm able to appreciate the many lessons team sports teach, especially at the professional level....
Vulnerability & Risk Management
Cybersecurity
Fortra Webinar
On-Demand Webinar

Tackling the CIS: One Control at a Time

Mon, 11/25/2024
The Center for Internet Security (CIS) Critical Security Controls (CSC) are a trusted source of truth in the cybersecurity community. Many organizations implement the CIS CSC framework to ensure their cybersecurity programs are functioning at peak effectiveness. The latest iteration, CIS CSC v8.1, was released earlier this year. In this recorded webinar, Cybersecurity Researcher at Fortra’s...
Compliance
CIS Controls
How to Integrate FIM with SOAR Platforms
Blog

How to Integrate FIM with SOAR Platforms

By Chris Hudson on Wed, 11/06/2024
File Integrity Monitoring (FIM) is a key intelligence and audit tool in an advanced security portfolio. While it is a logical component to integrate into your Security Orchestration, Automation, and Response (SOAR) tooling, it’s important to consider your approach to ensure you can gain the most benefits from it.Classify FirstThe sensible starting place for your integration is to consider your FIM...
Cybersecurity
File Integrity & Change Monitoring
The Importance of Layered Cybersecurity Solutions
Blog

The Importance of Layered Cybersecurity Solutions

By Tripwire Guest Authors on Wed, 10/16/2024
The threat of cyberattacks is at an all-time high. In fact, research shows that worldwide cybercrime costs are anticipated to reach $10.5 trillion annually by 2025. Cybercriminals threaten all, as 43% of cyberattacks target small enterprises. The rise of these threats underscores the importance of a robust cyber defense strategy, and one key way to do that is through layered cybersecurity...
Cybersecurity
File Integrity & Change Monitoring
Security Configuration Management
Fortra Webinar
On-Demand Webinar

FIM Isn’t Just for Files Anymore

Mon, 08/05/2024
File integrity monitoring was invented by Tripwire’s founder over 25 years ago and has evolved over time to become one of the most important security controls — so critical, in fact, that it’s required by major compliance standards like the Payment Card Industry Data Security Standard (PCI DSS). But what a lot of cybersecurity professionals aren’t familiar with is how FIM has expanded to include a...
File Integrity & Change Monitoring
integrity
Blog

Integrity and FIM: It’s More than Just Data Security

By Jeff Moline on Tue, 06/18/2024
Integrity is a vital component of any cybersecurity policy, making up one-third of the CIA Triad. However, until recently, the industry has had a limited understanding of the term, using it primarily in the context of data security. Integrity means so much more than this principle alone: it impacts every facet of an information system and can drive an organization's entire security program...
Cybersecurity
File Integrity & Change Monitoring
On-Demand Webinar

PCI 4.0 is Here: Your Guide to Navigating Compliance Success

Mon, 06/03/2024
The transition period from PCI DSS 3.2.1 to 4.0 ended on March 31, 2024, a date toward which many organizations have dedicated countless hours of preparation. Looking back on that time, do you know where your compliance efforts stand now? Watch PCI experts Steven Sletten and Jeff Hall in this on-demand webinar PCI 4.0 is Here: Your Guide to Navigating Compliance Success to learn how to...
Compliance
PCI DSS
Guide

Staying Current With the Transportation Security Administration’s Oil and Gas Security Directives

Escalating cyberthreats in the oil and gas industry underscore the need for substantial collaboration between public and private sectors to mitigate this national security risk, and much of this responsibility falls on the shoulders of individual pipeline operators who need to comply with the Transportation Security Administration (TSA) Security Directive.Despite being best known for its role in...
Compliance
On-Demand Webinar

Breaking Compliance Into Bite-Sized Portions

Tue, 04/23/2024
Which standards and regulations do you need to comply with? Most organizations have to prove compliance with multiple standards simultaneously to keep their systems secure and avoid audit fines. But it can be difficult to keep up with changing regulations, achieve continuous compliance, or even know where to start.This on-demand webinar presented by Fortra's Tripwire is designed to equip you with...
Compliance
Datasheet

What Makes Fortra’s Tripwire Different

Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a profusion of vendors...
Vulnerability & Risk Management
Cybersecurity
Compliance
File Integrity & Change Monitoring
Incident Detection & Investigation
Industrial Control Systems
IT Security Operations & Asset Discovery
Managed Security Services
Security Configuration Management
Know Thyself and Thy Network
Blog

Know Thyself and Thy Network

By Chris Hudson on Wed, 01/10/2024
The shifting sands of IT make the adage "you never know it all" ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little something about everything. I was a young man with a voracious reading appetite and an active imagination – both of which were thoroughly outpaced by...
Cybersecurity
File Integrity & Change Monitoring
Guide

What Cybersecurity Pros Think of Zero Trust Today

Zero trust isn’t a new model, but its influence on the cybersecurity industry has strengthened over time since 1994. Zero trust became especially top-of-mind a few years ago when remote work and cloud services took off, prompting organizational leaders to rethink the way they enforced cybersecurity controls in an increasingly perimeter-less world. Is zero trust just another cybersecurity buzzword...
Cybersecurity
Guide

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible?Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide Application Security...
Cybersecurity
Security Configuration Management
On-Demand Webinar

Best Practices for the PCI DSS 4.0 Countdown

Wed, 09/27/2023
The deadline for compliance with the Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements isn’t until March 31, 2024, but organizations that allow those remaining months to fly by without adequate preparation may face last-minute PCI panic. The best approach is to steadily reach key milestones so you’ll be fully prepared when the deadline arrives. Watch the on-demand webinar...
Compliance
PCI DSS