Compliance doesn’t protect you. It simply outlines the defenses that should have been in place. And when you’re not compliant, the gap often only comes to light after something’s gone wrong. In today’s evolving threat landscape, passing an audit isn’t enough. Security leaders need continuous visibility, actionable insights, and real-world accountability, long before an auditor ever shows up. It’s...

Today’s Patch Tuesday Alert addresses Microsoft’s August 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1169 as soon as coverage is completed.

It’s been over a decade that I’ve worked primarily in the world of File Integrity Monitoring and Secure Configuration Management, helping to ensure that hundreds of different companies are able to detect unauthorized or unexpected changes to their configurations.Security has changed a lot over that period, and yet there’s been some surprisingly consistent experiences in the field that I will often...

Cross-functional alignment is one of the most effective tools a CIO has for maintaining compliance in a fragmented regulatory environment. However, while many understand that disparate teams working together is “what it’s all about,” many CIOs may not yet realize that it’s their responsibility to take point for the process.Or, that a successful compliance outlook doesn’t mean perfection – it means...

Fortra's May 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 6 issues including spoofing, out of bounds memory access, insufficient data validation, inappropriate implementation, use after free, and heap buffer overflow vulnerabilities.Next on the...

Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. To the undoubted distress of Ascension's client base, the details of hundreds of thousands have fallen into the hands of hackers, opening up opportunities for fraud and identity theft. Breached...

Tripwire's February 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 4 remote code execution and 2 spoofing vulnerabilities.Next on the list are patches for Microsoft Office and Excel. These patches resolve 8 issues such as remote code execution and information disclosure...

January 2025’s Patch Priority Index covers Microsoft vulnerabilities in Office, Windows, .NET, SharePoint, Hyper-V, and more.

Today’s VERT Alert addresses Microsoft’s January 2025 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1139 as soon as coverage is completed.In-The-Wild & Disclosed CVEsCVE-2025-21333The first of three Hyper-V vulnerabilities this month is a heap-based buffer overflow that leads to privilege escalation to SYSTEM. Microsoft has reported this...

Governments are responsible for carrying out their duties to defend the rights and safety of their citizens. Find out their role in the cyber landscape and how Fortra plays a part.

Today’s financial threat landscape is evolving, and firms are facing record high risk. Learn what’s causing the uptick and which essential cybersecurity practices will ke.ep you safe

In the world of cybersecurity, it's not just about keeping the bad guys out — it’s about staying one step ahead of their next move. The managed security services team at Fortra is dedicated to working with you to understand your organization’s unique security challenges and provide solutions to keep you protected against even the most sophisticated global threats. Get ready to exceed your expectations and fortify your environment like never before with Fortra.

This guest blog from Dr. Edward Amoroso, Tag Cyber provides a high-level overview of modern advances in vulnerability management and how the Fortra cybersecurity portfolio supports this important method for addressing exploitable weaknesses in an enterprise.

Simple lessons learned from the many breaches we’ve observed, like careless employees and unusual attack vectors, and ways they can be avoided.