assets

CIS Control 4: Secure Configuration of Enterprise Assets and Software

| | assets, cis controls, configuration, enterprise, Security Configuration Management, Security Controls, software
Key Takeaways for Control 4 Most fresh installs of operating systems or applications come with pre-configured settings that are usually insecure or not properly configured with security in mind. Use the leverage ...
The State of Security

CIS Control 2: Inventory and Control of Software Assets

| | asset discovery, assets, cis controls, Security Controls, software, software inventory
Today, I will be going over CIS Control 2 from version 8 of the top 18 CIS Controls – Inventory and Control of Software Assets. Version 7 of CIS Controls had 10 ...
The State of Security

CIS Control 1: Inventory and Control of Enterprise Assets

| | assets, cis controls, enterprise, Security Controls
Since 2008, the CIS Controls have been through many iterations of refinement and improvement, leading up to what we are presented with today in CIS Controls version 8. CIS Controls reflect the ...
The State of Security

How Did the Cybersecurity Ecosystem Get So Clogged Up?

| | assets, integration, IT Security and Data Protection, Security Tools
Today’s enterprise operations involve the coordination of several different digital ecosystems but none quite so inflamed as the cybersecurity ecosystem. Technology has been evolving at a rapid pace, and attackers are armed ...
The State of Security
Risk terminology: Understanding assets, threats and vulnerabilities

Risk terminology: Understanding assets, threats and vulnerabilities

| | assets, Information Security, ISO 27001, Latest news, risk, Risk Assessments, threats, Vulnerabilities
Whether you’re addressing cyber security on your own, following ISO 27001 or using the guidance outlined in the GDPR (General Data Protection Regulation), the process begins by assessing the risks you face ...
Vigilant Software – Compliance Software Blog
Why CISOs Should Own Application Rationalization

Why CISOs Should Own Application Rationalization

| | applications, assets, CISO, software
Reducing overlap and mitigating potential security gaps are just two reasons why application rationalization is a sound strategy A major cybersecurity concern many organizations and executives may not be aware of but ...
Security Boulevard
Why does GDPR Matter in the Tech and Media Industry?

Why does GDPR Matter in the Tech and Media Industry?

| | 27001, assessment, assets, Breach, Compliance, Cyber Security, cybercomply, Data breach, data flow map, Data Mapping, data protection, EU GDPR, GDPR, GDPR compliance, General Data Protection Regulation, Information Security, isms, ISO 27001, ISO 27001 Compliance, Latest news, Privacy, regulation, risk assessment, Risk Assessments, risk treatment plan, software, statement of applicability, vsRisk
Robust have never been so high-profile. The introduction of the EU GDPR (General Data Protection Regulation) in May 2018 put personal data protection firmly in the public consciousness. Cybercrime continues to grab ...
Vigilant Software Blog
Important Security Aspects for a SaaS Company

Penetration Testing for SaaS Companies

| | agile development, agile testing, Application Security, assets, manual testing, Penetration Testing, Penetration Testing as a Service, pentesting, SaaS, security aspect, Software-as-a-Service
If you are running a SaaS company, your requirements change continuously due to a variety of factors. These factors include.. The post Penetration Testing for SaaS Companies appeared first on BreachLock ...
Blog – BreachLock

Use This NERC CIP v6 Standards Summary to Stay Compliant

| | assets, Compliance, Featured Articles, FERC, NERC CIP, training
Thanks to FERC’s Order 822, the North American Electric Reliability Corporation’s critical infrastructure protection standards, known as NERC CIP, are continually updated. Seven updated standards proposed by NERC for inclusion have now ...
The State of Security