Ben Layer

The State of Security

Tripwire Configuration Manager allows for user created configuration and compliance management content via a new Policy Management capability. Custom user content can be used alongside existing cloud service provider and third-party SaaS policies, providing multiple new use cases for data gathering and expanding policy compliance support into new services. This ... Read More

Last month, we covered how Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, GCP, and other cloud-based services such as Salesforce. In this blog, we will continue our dive into cloud services and show how Tripwire Configuration Manager can monitor your Zoom environments. Zoom is a ... Read More

You may already know that Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, and Google Cloud Platform, but did you know it also has capabilities to monitor other cloud based software services such as Salesforce?   Salesforce is a popular customer relationship management (CRM) service with ... Read More

Tripwire Configuration Manager is an easy-to-use service that allows you to monitor and enforce secure configuration policies across your multi-cloud environment. The Configuration Manager free trial allows users to experience the user interface and evaluate platform capabilities for 30 days using either Tripwire demo data or your own customer data.  ... Read More

Determining the security posture for an increasing quantity of cloud accounts and services used by many organizations can feel overwhelming, but Tripwire Configuration Manager can help you find, fix, and even enforce settings for common security problems in cloud services. In this blog, we will show how the simple steps required ... Read More

Responding to the all too familiar news of compromised Amazon cloud storage, security researchers have begun leaving “friendly warnings” on AWS S3 accounts with exposed data or incorrect permissions. The misconfiguration of access control on AWS storage “buckets” has been behind numerous high profile data breaches, including Verizon, The Pentagon, Uber and FedEx. Researchers have begun taking ... Read More

There’s a common misconception that cloud providers handle security, a relic leftover from hosting providers of previous decades. The truth is, cloud providers use a shared responsibility model, leaving a lot of security up to the customer. Stories of AWS compromise are widespread, with attackers often costing organizations many thousands of dollars ... Read More

In a previous blog, I discussed securing AWS management configurations by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best practices. Now I’d like to do the same thing for Microsoft Azure. I had ... Read More

A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is the product of research from the cybersecurity organizations of five nations. Those include the United States’ Cybersecurity ... Read More

Welcome to the second part of this two-part blog series for administrators who are new to the Chromebook enterprise system. In the previous blog, we discussed settings that are applicable to users and applications. In this blog, we will further explore the Chrome enterprise admin panel as we look into ... Read More