Resources

How to Secure Your Information on AWS: 10 Best Practices
Blog

How to Secure Your Information on AWS: 10 Best Practices

By Katrina Thompson on Wed, 03/19/2025
About one in three organizations that leverage cloud service providers (CSPs) use Amazon Web Services (AWS), according to November 2024 research from Synergy Research Group. This means two things. One is that when attackers are looking to get the most out of a single exploit, they will likely craft them to target AWS systems. And two, that AWS data security best practices are a timely topic for a...
Cybersecurity
Cloud Security
AWS Security
Best Practices for Securing Your SaaS Environment
Blog

Best Practices for Securing Your SaaS Environment

By Fortra Staff on Mon, 01/27/2025
Can you imagine a modern working world without Software-as-a-Service (SaaS) applications? Productivity, communication, and project management solutions have transformed the modern workplace, enabling hybrid and remote working, helping to cut costs, and offering unprecedented opportunities for collaboration and innovation. Without them, the business world would grind to a halt.But these...
Cybersecurity
Cloud Security
Security Configuration Management
What’s the Difference Between DSPM, CSPM, and CIEM?
Blog

What’s the Difference Between DSPM, CSPM, and CIEM?

By Katrina Thompson on Mon, 12/16/2024
DSPM, CSPM, and CIEM are more than just a mouthful of acronyms. They are some of today’s most sophisticated tools for managing data security in the cloud.While they are all distinct entities and go about protecting data in different ways, the fact that they all seem to do very much the same thing can lead to a lot of confusion. This, in turn, can sell each of these unique solutions short – after...
Cybersecurity
Cloud Security
Security Configuration Management
CIS Controls v8
Blog

CIS Control 09: Email and Web Browser Protections

By Matthew Jerzewski on Wed, 12/11/2024
Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A successful attack could give an attacker an entry point...
Cybersecurity
Cloud Security
Compliance
CIS Controls
DSPM vs CSPM: Key Insights for Effective Cloud Security Management
Blog

DSPM vs CSPM: Key Insights for Effective Cloud Security Management

By Josh Breaker-Rolfe on Mon, 11/25/2024
Most modern organizations have complex IT infrastructures made up of various components like Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), public cloud, and sometimes hybrid environments. While these infrastructures bring significant benefits, including improved scalability, flexibility, and cost savings, increasing complexity has made it...
Cybersecurity
Cloud Security
Security Configuration Management
Data Security Best Practices for Cloud CRM Systems as Adoption Surges
Blog

Data Security Best Practices for Cloud CRM Systems as Adoption Surges

By Joseph Chukwube on Mon, 09/30/2024
For the past few years, the CRM market has witnessed steady growth and it is projected to reach $89 billion by 2024. Estimates are that this growth will continue into the foreseeable future. Essentially, CRM systems have come to stay and have become the backbone of many organizations.However, the bleak state of cybersecurity cuts across many industries, and CRM systems are equally vulnerable....
Cybersecurity
Cloud Security
Navigating the Cloud Chaos: 2024's Top Threats Revealed
Blog

Navigating the Cloud Chaos: 2024's Top Threats Revealed

By Kirsten Doyle on Mon, 09/16/2024
Misconfigurations (when cloud computing assets are set up incorrectly, leaving them vulnerable to unauthorized access, data breaches, and operational disruptions) and inadequate change control top the list of cloud security threats in 2024, rising from third place the year before. It's clear that the transition to cloud computing has amplified the challenges of configuration management, making it...
Cybersecurity
Cloud Security
Navigating Compliance: A Guide to the U.S. Government Configuration Baseline
Blog

Navigating Compliance: A Guide to the U.S. Government Configuration Baseline

By Dan Jamison on Wed, 07/10/2024
For cybersecurity professionals tasked with defending the public sector, tackling the U.S. Government Configuration Baseline (USGCB) is just another hurdle to a safer federal tomorrow. Part of a wide collection of necessary federal government compliance requirements, it hones in on which baseline security configurations are necessary for federally deployed IT products. While not a standalone...
Compliance
FISMA
An Introduction to AWS Security
Blog

An Introduction to AWS Security

By Gilad David Maayan on Fri, 01/12/2024
Cloud providers are becoming a core part of IT infrastructure. Amazon Web Services (AWS), the world's biggest cloud provider, is used by millions of organizations worldwide and is commonly used to run sensitive and mission-critical workloads. This makes it critical for IT and security professionals to understand the basics of AWS security and take...
Cybersecurity
Cloud Security
Cloud Security Optimization: A Process for Continuous Improvement
Blog

Cloud Security Optimization: A Process for Continuous Improvement

By Gilad David Maayan on Thu, 12/28/2023
Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage to network capabilities. The cloud optimization process involves...
Cybersecurity
Cloud Security
The 2023 ISC2 Cybersecurity Workforce Study Delves into Cloud Security and AI
Blog

The 2023 ISC2 Cybersecurity Workforce Study Delves into Cloud Security and AI

By Katrina Thompson on Mon, 12/11/2023
The security industry is at a critical juncture. Capturing the state of affairs is a recent report released by the International Information System Security Certification Consortium, or ISC2. “A perfect storm” As they state in their Executive Summary, “Our study shows that a perfect storm of economic uncertainty, rapidly emerging technologies,...
Cybersecurity
Cloud Security
The-Six-Pillars-of-Cybersecurity
Blog

The Six Pillars of Cybersecurity

By Gary Hibberd on Thu, 11/16/2023
Winter is coming In the ever-evolving landscape of cloud computing, ensuring robust security measures has never been more important. In the new ISO 27001:2022 standard, there is a new requirement for organisations to establish control of their Cloud services, which includes every flavor of cloud from Software as a Service (SaaS) to Platform as a...
Cybersecurity
Cloud Security
Cloud Watching Report: Key Takeaways
Blog

Cloud Watching Report: Key Takeaways

By Anirudh Chand on Mon, 11/13/2023
The capabilities of cloud computing have changed the digital landscape significantly, and the popularity of cloud solutions only continues to increase. According to Gartner, the market for public cloud services is expected to surpass 700 billion USD by the end of 2024. The growth of cloud technologies presents a wealth of new opportunities for IT...
Cybersecurity
Cloud Security
On-Demand Webinar

Expert Compliance Automation Tips for Financial Services

Thu, 08/17/2023
Cybersecurity compliance standards like the Payment Card Industry Data Security Standard (PCI DSS) and Society for Worldwide Interbank Financial Telecommunications (SWIFT) do an excellent job of hardening systems against breaches. This is especially important in the financial services sector, a common target for cybercriminals. This on-demand webinar presented by Senior Solutions Engineer Dan...
Compliance
CIS Controls
FISMA
GDPR
PCI DSS
SOX
Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NERC CIP
NIST
PCI DSS
SOX
Product Video

How Tripwire Helped Walgreens Take a Proactive Approach to Security

Mon, 08/15/2022
Walgreens, founded in 1901, is one of the largest pharmacy companies in the U.S., handling online and in-store sales as well as processing the prescription needs of millions of customers. It needed a security solution that would give them an integrated, all-up view into its IT ecosystem. Its Tripwire ExpertOps solution has given the company a much more proactive view and approach to its security...
Cloud Security
Guide

Multi-Cloud Security Best Practice Guide

When you opt to use multiple cloud providers, you’re implementing a multi-cloud strategy. This practice is increasingly common, and can refer to mixing SaaS (software as a service) and PaaS (platform as a service) offerings as well as public cloud environments that fall under the IaaS (infrastructure as a service) category. The most common public cloud environments today are Amazon Web Services ...
Cloud Security
Guide

Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls

The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s security and compliance...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NIST
PCI DSS
Guide

FISMA SI-7 Buyer's Guide

The FISMA SI-7 Buyer’s Guide focuses on one of the most difficult security controls agencies must adhere to: NIST 800-53 SI-7. Learn what solutions to look for.
Compliance
FISMA
Guide

Executing an Efficient Cloud Security Strategy

How do organizations execute an efficient cloud security strategy and find the right cloud security tools? Tripwire asked a range of cloud security experts to share their thoughts on some of the key challenges regarding secure cloud storage and cloud computing security.
Cloud Security