Riscosity

Austin, TX, USA
2021
  |  By Anirban Banerjee
In this article we’ll discuss DSPM and DFPM, their similarities and differences, and the value that each one brings.
  |  By Anirban Banerjee
Vendor risk management (VRM) is a process that helps businesses manage the risks associated with their vendors. This includes assessing how well their vendors are performing, identifying potential problems early, and taking appropriate action to mitigate any damage.
  |  By Anirban Banerjee
Privacy is the individual’s right to control the use of their personal data, and DSAR is the mechanism by which individuals can enforce this right. This right to their own information, as used by an organization, is guaranteed by privacy laws like Europe’s General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA). If your organization collects and uses personal data, especially for European or Californian customers, you should be prepared to respond to DSARs.
  |  By Anirban Banerjee
Compliance in healthcare is a critical component to preserving the sanctity of modern society. Compliance in any industry ensures adherence to a minimum set of requirements to ensure quality of service; while undoubtedly important everywhere, it’s more so in healthcare due to its direct impact on human lives. For example, while financial compliance secures the safety of our funds, healthcare compliance ensures the safety of our personal selves.
  |  By Charrah Hardamon
Semgrep is a leading static application security testing (SAST) tool powered by an open-source community for surfacing bugs, discovering vulnerabilities, and enforcing code standards. Semgrep has scanned over 75 million packages, contributed to 2000 community rules, and supports over 30 coding languages. Riscosity is the leading data flow observability and security platform. This is why we’re excited to announce Riscosity’s new integration with Semgrep.
  |  By Anirban Banerjee
Open source security is a term used to describe the process of protecting your organization’s data and network from attack by using open-source software. It refers to the use of open-source software (OSS) for data protection. Open source software is free to use, meaning that anyone can access it without paying fees. This allows organizations to take advantage of the collective knowledge and experience of thousands of people who have contributed code or worked on projects together.
  |  By Security Guest Expert
DSPM or Data Security Posture Management is the modern approach to securing the information ecosystem. It represents a pivotal shift from the traditional castle-and-moat approach focused on IT devices to one that is focused on data.
  |  By Charrah Hardamon
We’re excited to announce that Riscosity has successfully completed its SOC 2 Type II audit. This is a big effort for any organization, and it shows our commitment to protecting our customers’ sensitive data.
  |  By Security Guest Expert
The core tenets of information security are to protect assets from unauthorized disclosure, prevent unauthorized changes, and make them available as needed. These align with the CIA security triad of Confidentiality, Integrity, and Availability.
  |  By Charrah Hardamon
Data lineage and data provenance are related terms, but different. Lineage focuses on the origins and movements of data over time, while provenance focuses on the transformations and derivations of data from original sources. Provenance helps teams to follow the source of data and verify its authenticity, surfacing any potential risks or vulnerabilities. In other words, lineage is more about “where” data travels, and provenance is more about the “what” of data history.
  |  By Riscosity
A wonderful conversation with two amazing security leaders! We talk about compliance, security programs, API security, Software supply chain, strategies - and oh so much more. A true treat for security lovers.
  |  By Riscosity
In this video we talk with two security leaders, very well known, from the Bay Area - Mike Hamilton and Barak Engel. A variety of topics, including software supply chain, data governance and APIs amongst many are discussed.
  |  By Riscosity
An amazing conversation with Peeyush Ranjan, Engineering VP at a Fortune 50 organization. Peeyush coined an amazing term - "Diffused Responsibility" - this is the reason why we all, in different silos, development, security, GRC, legal have to try harder and pull towards the same goal. In fact the example used - of a sports team, getting the pigskin over the line is a very apt one.
  |  By Riscosity
We chat about the Health-tech space. What are the challenges of building a Healthtech company, where are the roadblocks, what should you look out for - very introspective feedback from Punit! A must hear for entrepreneurs.
  |  By Riscosity
In this episode of Securing the Digital Supply Chain we talk with Terence Jackson, CISO at Microsoft for State and Local Government customers! We have a great time talking about the trends in the Software Supply Chain area as well as what CISOs can focus on to get quick wins for their organizations. Terence brings a wealth of experience from small to medium scale to large enterprise organizations and applies it to various security challenges to effectively solve them.
  |  By Riscosity
Yaser is a veteran in the construction industry and in this session we learn about what technologies are used in the construction technology sector, what are some of the gotchas that industry leaders should pay attention to and the various types of organizations that are there on the landscape.
  |  By Riscosity
In this episode of Securing the digital supply chain we talk with two extremely accomplished security thought leaders from the Bay Area - Prasad Ramakrishnan, who is currently the CIO of Freshworks, and Drew Daniels, who is a seasoned security savant and currently a senior member of SVCI. Both our guests have storied pasts in many well known companies, from startups to IPOs. We discuss SDLC, how to create successful security programs, the ins and outs of software supply chain management and some easter egg nuggets for vendors on how to approach CIOs and CISOs!
  |  By Riscosity
In this episode of Securing the digital supply chain we talk to one of the luminary stars in IT, security from the Bay Area - Sai Kalur. Sai talks about SDLC, software development processes, best practices, the considerations that drive pharma and health-tech companies. A great discussion for CISOs, CIOs, and security thought leaders.
  |  By Riscosity
We talk about supply chain risk, GDPR, Data Audits, how companies can make sure their processes for transferring data to 3rd parties remain on track. Jacob highlights the interplay between DevOps and security. A very interesting discussion indeed. For full disclosure - Armature Systems is a partner of Riscosity, and helps clients with purchasing, deploying, and operationalizing Riscosity's platform.
  |  By Riscosity
Securing the supply chain Ep. 3 - An amazing cast of security thought leaders - Rich Watson, Frank Weigel and Kevin Paige - 3 stellar security leaders who have an immense amount of experience in all sorts of companies and security programs. We touch on FDIC, FIL guidance, GDPR impact, SDKs Ruby, Gems and oh so much more!

Riscosity enables full control, visibility, and compliance for data going to third parties and AI tools. Deployed on-prem and in your private cloud.

Riscosity is the data flow security platform that empowers teams to have full visibility of third party data in transit and automate the redaction or redirection of sensitive data, simplifying how companies meet security and privacy standards.

How it works:

  • Monitor: Track and pinpoint any data being sent to a third party API.
  • Track: Easily map data sub processors and the information shared with them.
  • Remediate: Automatically replace detected sensitive data with redacted inputs.
  • Comply: Continuously monitor and block APIs from sending the wrong data to the wrong place.

Deploy Riscosity in your production or development environment to monitor, identify, redact, and secure all third party APIs.