Identity is the New OS: Rethinking Security Boundaries in the Cloud
In traditional infrastructure, the operating system was the security boundary.
A geeky blog about technical things
Continuing my previous post about cloud storage monitoring, I'm back with the "Azure edition" today. I'll skip the preamble about why this is important and get straight to the commands this time (but stay tuned about some additional considerations that are relevant to both AWS a…
Cloud object storage introduces a subtle but critical challenge for File Integrity Monitoring (FIM): there is no “file system” in the traditional sense. But that doesn't mean you shouldn't be monitoring it (given it's even more exposed than your on-premise architecture in many c…
I've not done much with GaussDB/OpenGaussDB, so figured I'd post the process I used to set up some monitoring, including the deployment itself.
One of the common asks I get as a consultant at the moment is how best to approach monitoring containers with "FIM"... but modern Kubernetes/container platforms (e.g. Red Hat OpenShift) change a lot of the assumptions that traditional host-based security monitoring relied on si…
File Integrity Monitoring (FIM) and Security Configuration Management (SCM) platforms like the ones I currently work with at Fortra are deceptively simple on the surface: deploy/configure endpoints, define rules/assessments, schedule tasks, evaluate results, report.
One of the most powerful things I do with Tripwire Enterprise is add external sources to TE's change audit tracking. Whether it's an API, or a device with an unsupported SSH config, this workflow enables me to capture data and bring it alongside all the rest of the compliance a…
On the theme of recent posts about scripting (and automating scanning - if you're still doing this manually, you're doing something wrong IMHO!), here's a useful script I put together to help demo how to trigger a compliance scan with Tripwire's Configuration Compliance Manager
This one initially threw me, so I figured I'd post the script here for others in case they run into issues:
I often post over on the Tripwire/Fortra blog about the importance of monitoring, but don't typically talk about the "technical ins and outs" of how I approach and think about Change Audit, so I'm hoping to start a series of posts about File Integrity Monitoring (FIM) aka Change…
Group Policy is the typical/preferred method of setting many of the requirements for Tripwire IP360 vulnerability scanning and whilst the official endpoint guide is helpful with identifying various settings, it can take time to map many of the settings to the specific GPO settin…
The following was created to test a work experience student's Python skills! It was prior to the official implementation of the REST API, so uses the XML interface and as a result some of this is now slightly dated (using API Explorer for example) but it can still potentially be…
A common request I get is setting up Microsoft PowerBi with Tripwire Enterprise. Whilst we don't have an official "out-of-the-box" solution for this, TE's REST API makes this a pretty simple option to get started with even if you just want to use PowerBi's native web reporting:
One of the most common things I need in my lab is access to the web console for Tripwire Enterprise to do demos - but it can be a nuisance to demonstrate with a VM quickly if I'm out on the road... until Tailscale quietly made homelabs easy to set up remotely. Now, I don't even ne…
In a lot of environments I walk into, clustering is treated as a resilience problem - but not always as a security one. We're busy designing for uptime, failover, scale, etc... but we don’t always design for consistency of trust across the cluster (especially for on premise depl…
A post on Vulnerability Management this week on the Tripwire blog: https://www.tripwire.com/state-of-security/building-vulnerability-management-program-scratch
I got a comment in the Fortra blog today about 2025 -
I made it to a top ten list: https://www.tripwire.com/state-of-security/top-state-security-blog-posts for my post: Bake Security Into Your Cyber Kitchen. I love writing a top ten list, but being a part of one is even more exciting - you can read the original post here: https://ww…
I have another new blog up on the Tripwire State of Security site: https://www.tripwire.com/state-of-security/how-integrate-fim-soar-platforms
I can't deny, I always like a metaphor that makes sense to me - hence my latest blog over on the Tripwire site: https://www.tripwire.com/state-of-security/security-automation-easy-making-tea
I got to contribute to the Tripwire blog again this week with a quick comment on Cybersecurity Frameworks: What Do the Experts Have to Say? https://www.tripwire.com/state-of-security/cybersecurity-frameworks-what-do-experts-have-say
The Bear (on Disney+ in the UK) has gotten to me (and my blog post): https://www.tripwire.com/state-of-security/bake-ensuring-security-cyber-kitchen
Security starts... by reading my latest blog post over on the Tripwire blog https://www.tripwire.com/state-of-security/where-security-starts-your-security-projects !
Another Tripwire blog post for me this week: https://www.tripwire.com/state-of-security/know-thyself-and-thy-network
File Integrity Monitoring and Change Audit are the two words I use the most in a week - and this blog explores Change Variance over at Tripwire: https://www.tripwire.com/state-of-security/change-variance-how-tiny-differences-can-impact-your-it-world
Does everyone have one of these: https://www.tripwire.com/state-of-security/scary-story-group-policy-gone-wrong-accidental-misconfigurations ?
I want to believe it's possible - but is it? https://www.tripwire.com/state-of-security/secure-default-achievable-reality
I can't deny, I like an oddball theme for blog posts over at Tripwire: https://www.tripwire.com/state-of-security/what-security-operations-center-soc
A long background of infrastructure support means I spend a lot of time thinking about RCA
I remember my ITIL training well - hence my latest post on the Tripwire State of Security blog
A key element of Change Audit is getting good data in:
Was it a fad:
Tooting my own horn somewhat over at Tripwire.com this week on the State of Security blog:
My favourite topic/day job at Tripwire is my focus on my latest post:
Foundation and Fundamentals is what I'm talking about on my latest Tripwire State of Security blog: https://www.tripwire.com/state-of-security/what-security-operations-center-soc
One area where security can deliver cost-savings to the business is by speeding up incident response. Though, achieving more efficient incident response may require some strategizing. Recurring incidents like AV detections or firewall intrusion alerts can be expedited by ensuri…
I built the below script to allow users to easily scale our vulnerability management monitoring of servers deployed in AWS with automated exceptions being pulled from an S3 bucket and automatically added to Tripwire IP360 via an AWS Lambda call:
Back to psychology and security controls in my latest Tripwire blog:
I've got a post up on the Tripwire blog about Regulatory Compliance this week: https://www.tripwire.com/state-of-security/regulatory-compliance-cloud
I've managed to get another blog posted up on the Tripwire blog:
It feels like the UK Cyber Security Council might start playing a bigger role in the day-to-day security conversation so I helped with a post on the Tripwire State of Security https://www.tripwire.com/state-of-security/cybersecurity-laws-get-ready-today-to-save-some-money-tom…
I have another new Tripwire blog this week: https://www.tripwire.com/state-of-security/googles-office-of-the-ciso-points-the-way-towards-scaling-security
I've got a new Tripwire blog post up today: https://www.tripwire.com/state-of-security/define-reinforce-and-track-helping-develop-positive-cybersecurity-habits - it's all about
A Tripwire blog from me is up! Check it out here: https://www.tripwire.com/state-of-security/cloud-misconfigurations-understanding-security-risks-and-responses
I got to contribute to a great team blog post this week:
I have another post up on the State of Security (Tripwire) blog: https://www.tripwire.com/state-of-security/spot-the-ball-security-detection-games
Yay - another blog up on the State of Security blog: https://www.tripwire.com/state-of-security/alan-turing-future-artificial-intelligences-reading-security-signals
Another blog over on the Tripwire site from me this week: https://www.tripwire.com/state-of-security/build-a-security-alliance-with-cloud-partners
Tripwire blog time: https://www.tripwire.com/state-of-security/preventing-blindsiding-zero-trust-plan-shadow-it
I've managed another blog post on the Tripwire blog: https://www.tripwire.com/state-of-security/building-team-security-arms-race
I've been busy re-familiarizing myself with Python now that Python 3 has tweaked the syntax just enough that I kept getting frustrated that I had to double check my syntax! At the same time, Tripwire has added some great new functionality in the REST API for Tripwire IP360, the…
I weighed in on a post over at the Tripwire blog this week: https://www.tripwire.com/state-of-security/expert-thoughts-on-how-infosec-pros-can-make-the-most-of-working-from-home
I have another post up on the Tripwire blog this week: https://www.tripwire.com/state-of-security/auditing-cloud-administrator-behavior-data-breach-preparedness
Another quote of mine is up on the Tripwire State of Security blog: https://www.tripwire.com/state-of-security/privacy-milestone-expert-thoughts-gdprs-2nd-anniversary
Another guest with me is up on the Tripwire State of Security blog at How Organizations Can Fight to Retain Talent Amidst the Infosec Skills Gap
Another blog post over at Tripwire?! Yup - https://www.tripwire.com/state-of-security/organizations-achieve-security-availability
Tripwire and Zero Trust is my latest topic/post on the Tripwire blog: https://www.tripwire.com/state-of-security/tripwire-enterprise-zero-trust
A new series on the State of Security by my good self: https://www.tripwire.com/state-of-security/secure-configuration-cloud-iaas-paas-saas
I got to add a choice "video" quote to https://www.tripwire.com/state-of-security/efficient-cloud-security-strategy-experts-guide this week if anyone is interested in hearing me "talk" security!
Another post over the State of Security blog - and one of my favourite topics (thanks University!) - psychology: https://www.tripwire.com/state-of-security/psychological-tricks-malware-trade
I got a post up on the Tripwire Blog about useful tools: https://www.tripwire.com/state-of-security/useful-tools-cloud-security
Another blog - this time it's "all about the money" - over on the State of Security blog by myself: https://www.tripwire.com/state-of-security/measure-investment-security
Another new State of Security blog by me is up now: https://www.tripwire.com/state-of-security/security-compliance-cloud
I've got another new post up on the State of Security blog: https://www.tripwire.com/state-of-security/breaches-wont-make-headlines
Another new blog I wrote is up on the State of Security Blog exploring why Configuration Drift is a big risk - https://www.tripwire.com/state-of-security/catching-configuration-changes-data-exposure
Another blog post is up on the Tripwire State of Security blog: https://www.tripwire.com/state-of-security/security-dashboard-cloud - this one is a favourite topic of mine - dashboards. In my previous role I'd built a lot of dashboard reporting and discovered the importance of walkin…
The following is a tutorial I put together to take you through the process of connecting to Tripwire’s vulnerability and exposure (VnE) virtual appliance API using Python 3, capturing vulnerability scanning data and then outputting it graphically using another web service, plot.…
There are plenty of articles out there on the basics of using APIs with PowerShell's great New-WebServiceProxy cmdlet that will get you started with some basic APIs, but far fewer posts that actually explore how to get past the simplest of queries. Once I'd gotten past the basi…
I've got another Tripwire State of Security blog up: https://www.tripwire.com/state-of-security/private-public-cloud-security-challenges