Resources
Guide

Tripwire 2020 Skills Gap Survey

The skills gap remains one of the biggest challenges within the cybersecurity industry. To gain more perspective on what organizations are experiencing, Tripwire partnered with Dimensional Research to survey 342 security professionals on this issue. This study explores hiring trends, how security teams are changing, and how they plan to address the issue in the face of growing cyber threats. ...
Managed Security Services
Guide

Governance, Risk, and Compliance

Governance, Risk & Compliance, or Generating Real Capability! How do we use GRC as a business enabler, and focus on the benefits it brings?
Vulnerability & Risk Management
Compliance
Guide

Adjusting to the Reality of Risk Management Framework

The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security. Federal entities need to understand and utilize RMF as...
Vulnerability & Risk Management
Guide

Building a Mature Vulnerability Management Program

A successful vulnerability management program requires more than the right technology. It requires dedicated people and mature processes. When done properly, the result can be a continuously improving risk management system for your organization. This white paper was written by CISSP-certified Tripwire system engineers with extensive experience in implementation of vulnerability management...
Vulnerability & Risk Management
Guide

The Five Stages of Vulnerability Management Maturity

One key element of an effective information security program within your organization is having a good vulnerability management (VM) program, as it can identify critical risks. Most, if not all, regulatory policies require a VM program, and information security frameworks advise implementing VM as one of first things an organization should do when building their information security program. ...
Vulnerability & Risk Management
Product Video

Enterprise Vulnerability Management in the Cloud

Mon, 08/15/2022
See how other organizations have simplified and automated compliance reporting processes, risk scoring and prioritized remediation efforts.
Cloud Security
Vulnerability & Risk Management
Product Video

Watch a Demo of Tripwire Enterprise

Mon, 08/15/2022
Point of sale attacks are on the rise and securing POS devices cannot be a generic effort. This video shows how Tripwire addresses POS threat protection.
Vulnerability & Risk Management
VERT Threat Alert: September 2022 Patch Tuesday Analysis
Blog

VERT Threat Alert: August 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/09/2022
Today’s Patch Tuesday VERT Alert addresses Microsoft’s August 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1015 on Wednesday, August 10th. In-The-Wild & Disclosed CVEs CVE-2022-34713 According to Microsoft, CVE-2022-34713 is a variant of the Dogwalk vulnerability. There has been a...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022

By Andrew Swoboda on Mon, 08/08/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 1st, 2022. I’ve also included some comments on these stories. Windows 11 Smart App Control blocks files used to...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022

By Andrew Swoboda on Mon, 08/01/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of July 25, 2022. I’ve also included some comments on these stories. SonicWall fixed critical SQLi in Analytics and GMS...
Vulnerability & Risk Management
VERT Research
VERT Threat Alert: September 2022 Patch Tuesday Analysis
Blog

VERT Threat Alert: July 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/12/2022
Today’s VERT Alert addresses Microsoft’s July 2022 Security Updates. VERT is actively working on coverage for these Patch Tuesday vulnerabilities and expects to ship ASPL-1011 on Wednesday, July 13th. In-The-Wild & Disclosed CVEs CVE-2022-22047 Microsoft is reporting this month that a single vulnerability in the Windows Client/Server Runtime...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022

By Andrew Swoboda on Mon, 06/27/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 20, 2022. I’ve also included some comments on these stories. Over a Dozen Flaws Found in Siemens' Industrial Network...
Vulnerability & Risk Management
VERT Research
VERT Threat Alert: June 2022 Patch Tuesday Analysis
Blog

VERT Threat Alert: June 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/14/2022
Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th. In-The-Wild & Disclosed CVEs None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However,...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022

By Andrew Swoboda on Mon, 06/13/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories. Another nation-state actor exploits Microsoft Follina to...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022

By Andrew Swoboda on Mon, 06/06/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 30, 2022. I’ve also included some comments on these stories. Vendor Refuses to Remove Backdoor Account That Can...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022

By Andrew Swoboda on Mon, 05/23/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 16, 2022. I’ve also included some comments on these stories. Watch Out! Hackers Begin Exploiting Recent Zyxel...
Vulnerability & Risk Management
VERT Research
VERT Threat Alert: June 2022 Patch Tuesday Analysis
Blog

VERT Threat Alert: May 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/10/2022
Today’s VERT Alert addresses Microsoft’s May 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1002 on Wednesday, May 11th. CVE-2022-26925 In-The-Wild & Disclosed CVEs Based on Microsoft’s limited documentation, this appears to be a resurgence and/or improved version of PetitPotam. This...
Vulnerability & Risk Management
VERT Research
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 2, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 2, 2022

By Editorial Staff on Mon, 05/09/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 2, 2022. I’ve also included some comments on these stories. Microsoft Azure Vulnerability Exposes PostgreSQL Databases...
Vulnerability & Risk Management
VERT Research