10 Steps to Better Security Incident Detection

Tripwire general announcement to customers

Join us for a live preview of "Security Configuration Management For Dummies," a new book by Wiley Publishing sponsored by Tripwire. In this webcast, we'll outline how to:
•Harden systems against attack,
•Rapidly repair configuration drift, and
•Provide objective and actionable assessments of your organization’s security and compliance postures.

Qualified attendees will receive a complimentary download of the ebook!

Despite the belief of many security professionals in the value of a risk-based approach to information security, many organizations still act in ways that do not reflect this commitment. This dichotomy often leads to misplaced effort, spending and risk treatment. It is also reflected in the disconnect between executive management and those tasked with protecting the information security assets of an organization.

This webcast will provide a simple framework for executing a risk based security management program. This framework is based on some basic tenants about risk based security management:

It creates an environment of informed choice
It strives to reduce uncertainty and eliminate conjecture
It is best achieved through a plethora of relevant data
It is based on analysis of frequency of threats and vulnerabilities
It is a cyclical process involving feedback loops and explicit challenges to assumptions
This webcast will not only offer you actions you can take but also provide guidance on identifying your progress towards a risk based security program.

In the world of security, you know first-hand how difficult it can be to quantify the advantages of solutions when there are so many variables at play. Join us and listen in to Diana Kelley, IANS faculty member and analyst and Tripwire customer, Francis Ballares, IT Systems and Infrastructure Manager at a large accounting and advisory services firm as they discuss how to assess the return on security investment with Tripwire solutions.

Information security has entered the boardroom. So, how can CISOs show value to their organization in meaningful ways? In this video we outline the growing problem and Tripwire's solution.

Utilities fear the specter of the NERC auditor, new security legislation on the horizon, and cyber attacks that could shut down systems and services. But risk management framework fatigue has set in, and with so many approaches they don’t know where to begin addressing risk. In this webcast, security expert Patrick Miller describes five concrete steps common to all frameworks that offer a leg up on security and compliance.

Risk-based security management (RBSM) is rapidly gaining acceptance as an essential security practice. But how far along are organizations with it? Ponemon Institute and Tripwire teamed up to explore the state of risk management. In this webcast, hear the study’s key findings, including a strong commitment to the practice by most respondents, but little action to back it up.

Risk-based security management (RBSM) is rapidly gaining acceptance as an essential security practice. But how far along are organizations with it? Ponemon Institute and Tripwire teamed up to explore the state of risk management. In this webcast, hear the study’s key findings, including a strong commitment to the practice by most respondents, but little action to back it up.

Organisations invest heavily in their security defenses, yet many still get breached. Sadly, they frequently find out about it from a third party. So why can’t security teams detect incidents early? In this webcast, information security expert Brian Honan describes why this happens and gives advice on resources you can use and steps to take to quickly identify a potential breach.

With complex, distributed government information systems increasingly under attack from rogue nations, terrorists and cause-driven groups, IT security teams need to get a lead on the state of their systems. In this webcast, learn about an approach to continuous monitoring that offers strong protection against these threats, then see this approach with a demo.

Organizations invest heavily in their security defenses, yet many still get breached. Sadly, they frequently find out about it from a third party. So why can’t security teams detect incidents early? In this webcast, information security expert Brian Honan describes why this happens and gives advice on resources you can use and steps to take to quickly identify a potential breach.

Join us for this Lunch and Learn Webcast:

Most organizations capture log data that could indicate a breach occurred. Yet not a single breach investigated in the Verizon Data Breach Investigation Report was detected through log analysis or review. Change and configuration data provides valuable insight around the security events that matter, allowing you to identify and react quickly to potential threats. Gavin Millard will talk through the common misconceptions around the limitations of SIEM solutions and how best to leverage this increasing operational efficiency.

Your File Integrity Monitoring (FIM) solution has been taking it easy. Doing the bare minimum to meet PCI Requirement 11.5. Like a prima donna that just shows its face and expects to be applauded. Nobody in IT security gets to do that, so why should FIM? Learn how it can do a lot more to improve security. Put it to work as a host intrusion detection system (HIDS) that catches the bad guys well beyond point-of-sale systems and in-scope assets.

It’s been a long time coming: businesses really care about the organization’s state of security. But to make it relevant to business executives, they need up-leveled views of raw security data that don’t require a deep understanding of IT and security. Tripwire CTO Dwayne Melancon explains three keys to making that possible.

IT-Security-Verantwortliche in deutschen Unternehmen wissen, welche Daten sie schützen müssen und kennen die Folgen einer Datenschutzverletzung: Umsatzeinbußen, Reputations- und sogar Jobverlust. Dennoch sind die meisten der Meinung, irgendwann Opfer einer Kompromittierung zu werden oder bereits gewesen zu sein. Der optimale Einsatz der richtigen IT-Security Controls kann hier entscheidend sein. Im Webinar erfahren Sie mehr über die Ergebnisse der IDC-Studie und wie starke IT-Security Controls Ihr Unternehmen positiv beeinflussen.

Securing today’s organization is a daunting task. Gartner’s Mark Nicolett explains why and describes key compliance and security drivers, how to secure your organization, and criteria for selecting a security and compliance technology provider. Tripwire’s Dwayne Melancon adds his perspective, including a smart approach to selecting controls.

It's clear to most IT security practitioners that if you only monitor for change through periodic scans, you are probably missing changes that can introduce risk or cause non-compliance. Real-time monitoring seems to offer the panacea by allowing you to detect every change that happens, as it happens. But given the number of devices in the average enterprise IT infrastructure, you may be capturing so much data that you can't possibly see the changes that actually spell trouble.

In this webcast, Gavin Millard, Technical Director, EMEA of Tripwire uses his experience working with numerous customers to answer critical questions about real-time change monitoring, including:

- Which parts of your IT infrastructure are suitable for real-time monitoring?
- How do your monitor the IT estate without overloading the system?
- What benefits should you expect to gain from real-time monitoring?

If you are interested in learning more about best practices for implementing a real-time monitoring solution, register for this webcast and tune in to learn from someone with firsthand, practical knowledge of what works and what doesn't.