Blog
What Is an Axon Agent, and Why Do You Need One?
By Michael Betti on Mon, 04/15/2024
The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these...
Blog
VERT Threat Alert: April 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 04/09/2024
Today’s VERT Alert addresses Microsoft’s April 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
CVE-2024-26234
This CVE describes a Proxy Driver Spoofing Vulnerability that, thanks to Microsoft’s new CWE listings, we...
Blog
Exploring Advanced Tripwire Enterprise Capabilities
By John Salmi on Fri, 04/05/2024
In today's digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While many of these tools are important and necessary, organizations often don't use them...
Blog
Bake-off: Ensuring Security in the Cyber Kitchen
By Chris Hudson on Wed, 03/27/2024
I’ll start this one with an apology – I’ve been watching a lot of the TV show The Bear (which I’d highly recommend!) and thus been thinking a lot about kitchen processes and the challenges of making everything come together nicely (both in life and in a recipe). If you are unfamiliar with the show, it is a comedy-drama about a chef who manages his...
Blog
Managed Cybersecurity Services Secure Modern Environments
By Troy Thompson on Mon, 03/25/2024
In an era characterized by relentless digital transformation and interconnectedness, cybersecurity has evolved into a complex and dynamic battleground.
Businesses, governments, and individuals find themselves locked in a perpetual struggle against a relentless flood of evolving threats. From sophisticated cybercriminal syndicates to state-sponsored...
Blog
What Is Log Management and Why you Need it
By Luis Colunga on Wed, 03/20/2024
Thanks to the burgeoning supply chain, a host of IoT and work-from-home devices, and an expanding cloud presence, organizations are constantly ingesting new hardware into their IT environments. With each new line of code comes a fresh chance for a hidden vulnerability.
With each unfound weakness, attackers gain one more opportunity to gain a...
Datasheet
What Makes Fortra’s Tripwire Different
Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a profusion of vendors...
Blog
Firmware Monitoring is Just a Snapshot Away
By David Henderson on Mon, 03/18/2024
Any time the television news presents a story about cybersecurity, there is always a video of a large data center with thousands of blinking lights. Even most cybersecurity blogs will include an image of many lights on the front panels of servers, routers, and other hardware. However, most people don’t notice that the lights are usually green or...
Blog
VERT Threat Alert: March 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 03/12/2024
Today’s VERT Alert addresses Microsoft’s March 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1097 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
There were no in-the-wild or disclosed CVEs included in the March Patch Tuesday release.
CVE Breakdown by Tag
While...
Blog
File Integrity Monitoring vs. Integrity: What you need to know
By David Henderson on Mon, 03/11/2024
Using security tools to monitor activities on IP based endpoints and the resulting changes that occur pose one of the most formidable challenges to security and regulatory compliance efforts, thanks to its potential to disrupt established security measures and protocols.
Compliance frameworks, such as PCI DSS and NIST 800-53/SI-7, require...
On-Demand Webinar
Digging Deeper: Discover Advanced Tripwire Enterprise Capabilities
Thu, 02/22/2024
Most people know Fortra’s Tripwire Enterprise for its essential file integrity monitoring and security configuration management capabilities. But what about the more advanced use cases, like dealing with zero-day vulnerabilities or isolating specific systems when they contain a critical risk?
Watch the on-demand webinar presented by Forta’s Tripwire to find out more about these unique use cases...
Blog
VERT Threat Alert: February 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 02/13/2024
Today’s VERT Alert addresses Microsoft’s February 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1093 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
CVE-2024-21351
This CVE describes a bypass in the Windows SmartScreen Security Feature. At this point, these bypasses...
Blog
5 Things to Consider Before Buying a File Integrity Monitoring (FIM) Solution
By David Henderson on Fri, 01/19/2024
Imagine you’re on the tail end of installing a 100-line script. It’s five o’clock, and you’re ready to head out early for once. You run the startup script on a new server, and then – the fated error message. Something isn’t working, and only after painstakingly reviewing 67 lines of code do you realize you had the IP address wrong.
This could have...
Blog
Know Thyself and Thy Network
By Chris Hudson on Wed, 01/10/2024
The shifting sands of IT make the adage "you never know it all" ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little something about everything. I was a young man with a voracious reading appetite and an active imagination – both of which were thoroughly outpaced by...
Blog
Non-repudiation: Your Virtual Shield in Cybersecurity
By Dilki Rathnayake on Tue, 01/09/2024
In the digital world, where countless users communicate, share data, and engage in diverse activities, determining the origin and actions behind these interactions can be quite challenging. This is where non-repudiation steps in. Coupling other security factors, such as delivery proof, identity verification, and a digital signature, creates non...
Blog
VERT Threat Alert: January 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 01/09/2024
Today’s VERT Alert addresses Microsoft’s January 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1088 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
There were no in-the-wild or disclosed CVEs included in the January Patch Tuesday drop.
CVE Breakdown by Tag
While...
Blog
Operational Resilience: What It Is and Why It's Important
By Nick Hogg on Wed, 12/13/2023
Frankly stated, operational resilience is your ability to climb the mountain, no matter the weather. Businesses now need more than a good security structure to weather the storms of AI-driven threats, APTs, cloud-based risks, and hyper-distributed environments.
And more importantly, operational resilience in 2024 requires a paradigm shift....
Blog
VERT Threat Alert: December 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 12/12/2023
Today’s VERT Alert addresses Microsoft’s December 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1086 on Wednesday, December 13th.
In-The-Wild & Disclosed CVEs
CVE-2023-20588
AMD has released AMD-SB-7007 – Speculative Leaks Security Notice, which describes how some AMD processors can...
Blog
Change Variance: How Tiny Differences Can Impact Your IT World
By Chris Hudson on Mon, 11/20/2023
In the vast and ever-evolving universe of information technology, there's one constant: change (that and cliches about constants!). Servers, systems, and software – they all get updated and modified. But, have you ever stopped to consider how even tiny differences between these digital entities can sometimes lead to unexpected challenges? In the...