IT Security News & Blog
Windows 2016 Has More Than 270 Configuration Vulnerabilities
19 June 2019
How do you deploy your Windows Server images? If you are anything like the majority of IT teams out there, you download the latest ISO from the Microsoft website, maybe even use one you have downloaded in the past. Then post install you spend a couple of hours applying all the patches which have been released since....
READ BLOG
What They Do Not Tell You About Tripwire Enterprise
22 November 2018
Heavy is the head that wears the crown, is the old saying which comes to mind when I think of Tripwire Enterprise. A solution which has sat at the top of its game for so long that there is only conceivable one direction left....
READ BLOG
How to Achieve SWIFT CSP Mandatory Controls with Time to Spare
1 September 2018
Have you ever met an IT manager, administrator, CISO or compliance officer who had a lot of time on their hands? No, me neither. If they exist, then they are certainly a rare breed!...
READ BLOG
What is a ServiceNow Closed-Loop Change Management Process?
21 August 2018
If you or your organisation uses the very popular ServiceNow solution for change management, how do you accurately ensure that intended changes were delivered as requested and approved? Do you assume changes have been made successfully and correctly, if there was no post-change feedback, whether it be negative or not?...
READ BLOG
System Hardening & CIS Benchmarks for AWS Cloud Hosted Devices
20 August 2018
How many of you use AWS or another cloud hosting provider such as Microsoft Azure or Google Cloud? The question is of course rhetorical due to the limited medium that is the blog, but in any case my experience tells me that a vast majority of readers do....
READ BLOG
5 Reasons Why You Should be Investing in Automated System Hardening
16 August 2018
I have no doubt that like most readers, system administrators, heads of IT and CISOs, that you probably have an unending list of desired solutions and tools which you would like to deploy in your networks. Writing business cases and securing the budget for everything would be in reality, impossible; and so instead, prioritisation based on need is a critical factor in deciding what to invest in....
READ BLOG
Tripwire Enterprise and NNT Change Tracker (Who Would Win in a Fight?)
13 July 2018
When it comes to FIM (File Integrity Monitoring) and secure configuration management. there are two main solution vendors worth considering. Tripwire Enterprise and NNT Change Tracker. Both have impressive existing customer rosters and reputations; are multi-million pound businesses and have an international presence. But which solution is better?...
READ BLOG
What is File Integrity Monitoring and How Does it Work?
7 June 2018
FIM or File Integrity Monitoring, is without a doubt a highly important layer of defence in any network worth protecting. Required by data security standards such as PCI-DSS and recommended by auditors and security practitioners globally. FIM monitors critical system files, operating system components and even network devices for unauthorised changes....
READ BLOG
Achieving PCI-DSS with File Integrity Monitoring
4 June 2018
Has there ever been a more confusing data security standard than the PCI-DSS? Even now, thirteen years on from its initial release, a clear understanding of what you need to achieve to be compliant may still be a challenge....
READ BLOG
How to Eliminate FIM Change Noise Once and For All
3 June 2018
For some, a FIM (File Integrity Monitoring) solution is a compliance necessity, for others it features as a core component of their change management process. In either case, file integrity monitoring provides a mechanism for alerting when applications, system files or configurations change unexpectedly....
READ BLOG