IT Security News & Blog

Are You Really Still Using Tripwire Enterprise?
22 November 2018
Heavy is the head that wears the crown, is the old saying which comes to mind when I think of Tripwire Enterprise. A solution which has sat at the top of its game for so long that there is only conceivable one direction left....
How to Achieve SWIFT CSP Mandatory Controls with Time to Spare
1 September 2018
Have you ever met an IT manager, administrator, CISO or compliance officer who had a lot of time on their hands? No, me neither. If they exist, then they are certainly a rare breed!...
What is a ServiceNow Closed-Loop Change Management Process?
21 August 2018
If you or your organisation uses the very popular ServiceNow solution for change management, how do you accurately ensure that intended changes were delivered as requested and approved? Do you assume changes have been made successfully and correctly, if there was no post-change feedback, whether it be negative or not?...
System Hardening & CIS Benchmarks for AWS Cloud Hosted Devices
20 August 2018
How many of you use AWS or another cloud hosting provider such as Microsoft Azure or Google Cloud? The question is of course rhetorical due to the limited medium that is the blog, but in any case my experience tells me that a vast majority of readers do....
5 Reasons Why You Should be Investing in Automated System Hardening
16 August 2018
I have no doubt that like most readers, system administrators, heads of IT and CISOs, that you probably have an unending list of desired solutions and tools which you would like to deploy in your networks. Writing business cases and securing the budget for everything would be in reality, impossible; and so instead, prioritisation based on need is a critical factor in deciding what to invest in....
Tripwire Enterprise and NNT Change Tracker (Who Would Win in a Fight?)
13 July 2018
When it comes to FIM (File Integrity Monitoring) and secure configuration management. there are two main solution vendors worth considering. Tripwire Enterprise and NNT Change Tracker. Both have impressive existing customer rosters and reputations; are multi-million pound businesses and have an international presence. But which solution is better?...
What is File Integrity Monitoring and How Does it Work?
7 June 2018
FIM or File Integrity Monitoring, is without a doubt a highly important layer of defence in any network worth protecting. Required by data security standards such as PCI-DSS and recommended by auditors and security practitioners globally. FIM monitors critical system files, operating system components and even network devices for unauthorised changes....
Achieving PCI-DSS with File Integrity Monitoring
4 June 2018
Has there ever been a more confusing data security standard than the PCI-DSS? Even now, thirteen years on from its initial release, a clear understanding of what you need to achieve to be compliant may still be a challenge....
How to Eliminate FIM Change Noise Once and For All
3 June 2018
For some, a FIM (File Integrity Monitoring) solution is a compliance necessity, for others it features as a core component of their change management process. In either case, file integrity monitoring provides a mechanism for alerting when applications, system files or configurations change unexpectedly....