Salesforce Monitoring with Tripwire Configuration Manager

You may already know that Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, and Google Cloud Platform, but did you know it also has capabilities to monitor other cloud based software services such as Salesforce? Salesforce is a popular customer relationship management (CRM) service with rich configuration options that could lead to unintended risks if it is improperly configured.


How to get the most from dark web monitoring

A robust dark web monitoring programme ensures organisations have the ability to keep track of hidden risks and prevent any data losses from escalating into major events. In this blog post, we outline how dark web monitoring works, how to maximise its value and what to look for in an outsourced dark web monitoring service.


To Detect or Not to Detect, Is that the Question?

Tripwire Enterprise (TE) is at its heart a baselining engine. It’s been built to take information, create a baseline of it, and show when that baseline has changed. (It’s called a “version” in TE terms.) TE starts with a baseline version designated by an organization’s security teams. At some point, a change version with new information (file, registry entry, RSoP, command output, or data captured in some other way) emerges.


Don't Let Account Takeovers (ATO) Take Over Your Business

A long time ago (in the early 2000s), I was playing games online. One of my accounts was compromised – the password was changed, and multiple “high-priced” items I had earned were “traded” without my knowledge, to the account of another player. One could easily blame my simple password at that time when there were no rules around password strength. Regardless of the reason, what happened was one of the earliest versions of an account takeover (ATO) attack.


Anti-Money Laundering Compliance in 2021: How Transaction Monitoring Can Help You Keep Up with Emerging Threats

Every year, 2%-5% of the global GDP, or US$800 billion-US$2 trillion is being laundered across the globe. That’s almost equivalent to the GDP of Canada (1,643.40 billion USD in 2020) or Italy ($1,886.45 USD in 2020). Neither the record-breaking heat, nor the intense floods experienced around the world this summer seem to have stopped financial criminals from inventing new ways to hide illegal sources of their income.

Detectify expands coverage for public APIs (in development)

Our security researchers happen to be talented bug bounty hunters as well as the brains behind of Detectify's efforts to develop a leading-edge API security scanner. Why is developing a reliable API security tool so challenging? It's because every API is different, which means it’s challenging to have a standardized approach to security testing on APIs. Almroth states that the team will focus on developing an API security scanner that focuses on server-side vulnerabilities. Both share that this is going to use fuzzing techniques.

Credit Card Fraud Detection: Keeping Payments Safe with Machine Learning

Imagine, it’s a Saturday morning and you receive a call from a bank: – Hello? – Hi [insert your name], we suspect that a fraudster is trying to use your card at a grocery store in Texas. – Well, I am at a grocery store in Texas! – Oh my gosh! Do you see him? If only credit card fraud was funny.