Portland, OR, USA
Apr 23, 2019 | By Megan Freshley
PCI DSS, or the Payment Card Industry Data Security Standard, is the set of regulatory requirements all organizations who process card payments must adhere to. Sounds simple enough, right? But PCI compliance can pose a major challenge to organizations if they’re not equipped with the proper knowledge and tools.
Apr 21, 2019 | By Tripwire Guest Authors
The General Data Protection Regulation (GDPR) came into force in May 2018, and by the letter of the law, virtually every business in the UK needs to comply with it. However, there are still some misconceptions surrounding the law and what it means to organisations. This can lead to difficult situations where mistakes can be made.
Apr 17, 2019 | By Tripwire Guest Authors
A person recently asked me if it was possible to implement ISO 27001 using a specific project management software product. They used the tool in the past to define project plans and make project reviews. While I told them this is entirely possible, the truth is one can implement ISO 27001 even without a project plan or any specific tools. But should they?
Apr 16, 2019 | By Onyeka Jones
The importance of a mature vulnerability management program can’t be overstated. File integrity monitoring (FIM) and security configuration management (SCM) might be the bedrock of a strong cybersecurity program, but they can only go so far. Scanning for vulnerabilities needs to be a foundational part of your program, too. The Center for Internet Security (CIS) already knows this; that’s why it ranks continuous vulnerability management (VM) as number three in its top six basic security controls.
Apr 14, 2019 | By Anastasios Arampatzis
The annual Scalar Security Study, published in February 2019 and conducted by IDC Canada, identified a new normal across the threat landscape: cybersecurity incidents, be it exfiltration, infiltration or denial of service, occur on a regular basis. Focused on small, midsize and large organizations in Canada, the study confirms that intrusions are inevitable and moreover that a majority of organizations experience successful attacks.
Jan 24, 2019 | By Tripwire
Achieving DevOps security is as much a cultural effort as it is a technical one, and quality gates present the perfect opportunity to bridge the gap. Because they function within the bounds of regular DevOps processes, tools that bake security into the CI/CD pipeline by way of quality gates are more likely to win DevOps teams over.
Mar 25, 2019 | By Tripwire
Tripwire CTO David Meltzer and Lamar Bailey, Director of Security Research and Development, discuss the main challenges and pain points as DevSecOps comes of age, sharing their recommendations and predictions in this video interview with Information Security Media Group at RSA Conference 2019.
Feb 27, 2019 | By Tripwire
Do you know what's on your ICS network? Join Tripwire industrial cybersecurity experts Zane Blomgren and Robert Landavazo in this on-demand webinar for a virtual tour of the first cohesive solution providing visibility, monitoring, and threat mitigation across the complete OT landscape.
Nov 9, 2018 | By Tripwire
Join Claroty and Tripwire for a first-ever, executive conversation on the future of industrial cybersecurity.
Nov 1, 2018 | By Tripwire
Is it time to fire your vulnerability management (VM) provider? VM is one of the most critical components of any effective security strategy, but not all VM solutions have the capabilities needed to keep pace with your organization’s goals for a mature cybersecurity program.