Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2021

upguard

What is ITAR Compliance?

Dec 28, 2021 By Axel Sukianto In UpGuard

Most organizations, especially those in the defense trade, are finding themselves on the spot when their prime contractors ask them whether they are ITAR Certified and ITAR Compliant. Some contractors even want to know the steps you're taking to meet this regulation. As a chief information security officer, you've probably heard of CPA and GDPR compliance and their role in consumer data. But, how well are you versed with International Traffic in Arms Regulations (ITAR)?

Read Post

Practice vs Maturity in CMMC 2.0 Framework

Dec 15, 2021 By Ignyte In Ignyte
When CMMC was first introduced by the DoD, its purpose was to “normalize and standardized cybersecurity preparedness across the federal government’s Defense Industrial Base or DIB.” Essentially, they recognized a weakness in cybersecurity hygiene practices in their supply chain, and so CMMC became the standard the DIB would be “graded” by to ensure the protection of sensitive or Controlled Unclassified Information (CUI).
View Video

Kroger Uses JFrog Xray for Software Security and License Compliance

Dec 15, 2021 By JFrog In JFrog
Kroger leverages the JFrog platform to give developers visibility into their software vulnerabilities and make informed decisions on what to fix. See how Kroger has implemented secure DevOps processes with automated vulnerability scanning and open-source software (OSS) license compliance capabilities to support their development and security teams.
View Video
ignyte Team

Understanding CMMC 2.0 Scoping Guide by the Department of Defense

Dec 13, 2021 By Max Aulakh In Ignyte

The Department of Defense (DoD) has recently released new CMMC 2.0 audit and assessment scoping guides. The awaited CMMC 2.0 Level 1 and Level 2 scoping guides provide insight into how a certified CMMC third-party assessor organization (C3PAO) may scope the CMMC audit and how businesses can potentially scope their own environments. These scoping guides are critical for the CMMC audit and boundary diagrams developed as part of your business’s System Security Plan (SSP).

Read Post
ignyte Team

Dissecting FedRAMP NIST 800-53, NIST 800-171 & CMMC 2.0 Control Structure

Dec 13, 2021 By Ignyte Team In Ignyte

Today we are going to discuss controls in the context of any variation of the NIST 800-53 and NIST 800-171 requirements. NIST SP 800-53 provides us with a fundamental understanding of how government and many commercial organizations structure control language.

Read Post

Compliance Reporting Product Demo // UpGuard Summit December 2021

Dec 6, 2021 By UpGuard In UpGuard
Learn how to use UpGuard’s exciting new Compliance Reporting feature with Senior Product Manager, Chris Schubert UpGuard is a complete third-party risk and attack surface management platform, managing cyber risk across attack surfaces and third-party vendors by proactively identifying security exposures.
View Video
riskoptics

More SEC Talk on Cyber, Internal Control

Dec 1, 2021 By RiskOptics In RiskOptics
Before this particular bit of news sails downstream, internal control professionals might want to note that an SEC commissioner spoke this week about the importance of internal controls for cybersecurity. She raised a few points worth considering. The remarks came from Caroline Crenshaw, a Democratic appointee to the Securities and Exchange Commission who, in my opinion, is something of a stalking horse for SEC policy.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.