Resources

Guide

Five Critical Steps of a Complete Security Risk and Compliance Lifecycle

Maintaining security and compliance in today’s ever changing environment is a never ending task. To manage that task, the most successful companies adopt a systematic approach that promotes continuous improvement. Tripwire is a leading provider of enterprise-class foundational controls for security, compliance and IT operations. Tripwire worked with its most successful customers to understand...

Guide

Physical Cybersecurity: ICS Attack Scenarios and CIP-007 R1

The premise of a January 27, 2015, article by CNBC is that there is good evidence that a cyber attack against nearly any country’s critical infrastructure could be imminent. This kind of reporting has become so commonplace, but this doesn’t seem like just more FUD (fear, uncertainty, and doubt) journalism. ...

Guide

Combating the Insider Threat

Guide

Securing the Cyber EO's Four Critical Frontiers

Guide

Governance, Risk, and Compliance

Governance, Risk & Compliance, or Generating Real Capability! How do we use GRC as a business enabler, and focus on the benefits it brings?

Guide

Five Tips for NERC CIP Audits

Guide

Adjusting to the Reality of Risk Management Framework

The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security. Federal entities need to understand and utilize RMF as...

Guide

Building a Mature Vulnerability Management Program

A successful vulnerability management program requires more than the right technology. It requires dedicated people and mature processes. When done properly, the result can be a continuously improving risk management system for your organization. This white paper was written by CISSP-certified Tripwire system engineers with extensive experience in implementation of vulnerability management...

Guide

The Five Stages of Vulnerability Management Maturity

One key element of an effective information security program within your organization is having a good vulnerability management (VM) program, as it can identify critical risks. Most, if not all, regulatory policies require a VM program, and information security frameworks advise implementing VM as one of first things an organization should do when building their information security program. ...

Case Study

Tripwire Enterprise Detects Solarwinds Vulnerability

2021 has been a pivotal year for cybersecurity and the emphasis that organizations have placed on its importance. Unfortunately, this push for heightened cybersecurity is reactive by nature, and is the result of a series of increasingly complicated and dangerous cyberattacks. Attacks have been successfully executed on institutions ranging from social media sites to utility plants and are projected...

Case Study

How One IT Operations Team Upgraded its Vulnerability Management with Tripwire ExpertOps

Assessing and managing vulnerabilities is a core cybersecurity practice, but it can put a heavy strain on IT security and operations teams. In many cases, introducing vulnerability management as a service is what’s necessary to overcome the challenge of accumulating vulnerabilities across complex IT environments—especially when time and resources are limited. This was the case for one mid-size U...

Case Study

Tripwire and Astro Making Best Practices a Daily Show

Blog

VERT Threat Alert: August 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/09/2022

Today’s Patch Tuesday VERT Alert addresses Microsoft’s August 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1015 on Wednesday, August 10th. In-The-Wild & Disclosed CVEs CVE-2022-34713 According to Microsoft, CVE-2022-34713 is a variant of the Dogwalk vulnerability. There has been a...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022

By Andrew Swoboda on Mon, 08/08/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 1st, 2022. I’ve also included some comments on these stories. Windows 11 Smart App Control blocks files used to...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022

By Andrew Swoboda on Mon, 08/01/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of July 25, 2022. I’ve also included some comments on these stories. SonicWall fixed critical SQLi in Analytics and GMS...

Blog

VERT Threat Alert: July 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/12/2022

Today’s VERT Alert addresses Microsoft’s July 2022 Security Updates. VERT is actively working on coverage for these Patch Tuesday vulnerabilities and expects to ship ASPL-1011 on Wednesday, July 13th. In-The-Wild & Disclosed CVEs CVE-2022-22047 Microsoft is reporting this month that a single vulnerability in the Windows Client/Server Runtime...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022

By Andrew Swoboda on Mon, 06/27/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 20, 2022. I’ve also included some comments on these stories. Over a Dozen Flaws Found in Siemens' Industrial Network...

Blog

VERT Threat Alert: June 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/14/2022

Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th. In-The-Wild & Disclosed CVEs None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However,...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022

By Andrew Swoboda on Mon, 06/13/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories. Another nation-state actor exploits Microsoft Follina to...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022

By Andrew Swoboda on Mon, 06/06/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 30, 2022. I’ve also included some comments on these stories. Vendor Refuses to Remove Backdoor Account That Can...

First page
Previous page
…
4
5
6
7
8
9
10
11
12
…
Next page
Last page

Five Critical Steps of a Complete Security Risk and Compliance Lifecycle

Physical Cybersecurity: ICS Attack Scenarios and CIP-007 R1

Combating the Insider Threat

Securing the Cyber EO's Four Critical Frontiers

Governance, Risk, and Compliance

Five Tips for NERC CIP Audits

Adjusting to the Reality of Risk Management Framework

Building a Mature Vulnerability Management Program

The Five Stages of Vulnerability Management Maturity

Tripwire Enterprise Detects Solarwinds Vulnerability

How One IT Operations Team Upgraded its Vulnerability Management with Tripwire ExpertOps

Tripwire and Astro Making Best Practices a Daily Show

VERT Threat Alert: August 2022 Patch Tuesday Analysis

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022

VERT Threat Alert: July 2022 Patch Tuesday Analysis

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022

VERT Threat Alert: June 2022 Patch Tuesday Analysis

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022

Contact Information

Privacy Policy

Cookie Policy

Impressum