Compliance

Kroger Uses JFrog Xray for Software Security and License Compliance

Dec 15, 2021 By JFrog In JFrog

Kroger leverages the JFrog platform to give developers visibility into their software vulnerabilities and make informed decisions on what to fix. See how Kroger has implemented secure DevOps processes with automated vulnerability scanning and open-source software (OSS) license compliance capabilities to support their development and security teams.

View Video

JFrog

Read more about Kroger Uses JFrog Xray for Software Security and License Compliance

Understanding CMMC 2.0 Scoping Guide by the Department of Defense

Dec 13, 2021 By Max Aulakh In Ignyte

The Department of Defense (DoD) has recently released new CMMC 2.0 audit and assessment scoping guides. The awaited CMMC 2.0 Level 1 and Level 2 scoping guides provide insight into how a certified CMMC third-party assessor organization (C3PAO) may scope the CMMC audit and how businesses can potentially scope their own environments. These scoping guides are critical for the CMMC audit and boundary diagrams developed as part of your business’s System Security Plan (SSP).

Read Post

Ignyte

Read more about Understanding CMMC 2.0 Scoping Guide by the Department of Defense

Practice vs. Maturity in CMMC 2.0 Framework

Dec 13, 2021 By Ignyte Team In Ignyte

Aaron McCray, Ignyte’s Chief Operating Officer, is giving a brief overview of the changes to CMMC 2.0, and more specifically its Practice levels vs Maturity levels in the video below. Aaron is a commercial risk management leader by trade and a Commander in the U.S. Navy Reserves.

Read Post

Ignyte

Read more about Practice vs. Maturity in CMMC 2.0 Framework

Dissecting FedRAMP NIST 800-53, NIST 800-171 & CMMC 2.0 Control Structure

Dec 13, 2021 By Ignyte Team In Ignyte

Today we are going to discuss controls in the context of any variation of the NIST 800-53 and NIST 800-171 requirements. NIST SP 800-53 provides us with a fundamental understanding of how government and many commercial organizations structure control language.

Read Post

Ignyte

Read more about Dissecting FedRAMP NIST 800-53, NIST 800-171 & CMMC 2.0 Control Structure

CMMC 2.0 | What the changes mean for organizations in the DIB

Dec 9, 2021 By Ignyte In Ignyte

The improved CMMC 2.0 introduced multiple changes to the audit assurance process. What are those changes and what steps should you take to ensure the protection of Controlled Unclassified Information (CUI)?

View Video

Ignyte

Read more about CMMC 2.0 | What the changes mean for organizations in the DIB

Compliance Reporting Product Demo // UpGuard Summit December 2021

Dec 6, 2021 By UpGuard In UpGuard

Learn how to use UpGuard’s exciting new Compliance Reporting feature with Senior Product Manager, Chris Schubert UpGuard is a complete third-party risk and attack surface management platform, managing cyber risk across attack surfaces and third-party vendors by proactively identifying security exposures.

View Video

UpGuard

Read more about Compliance Reporting Product Demo // UpGuard Summit December 2021

Five worthy reads: HIPAA compliance in the age of cybersecurity

Dec 3, 2021 By General In ManageEngine

Five worthy reads is a regular column on five noteworthy items we discovered while researching trending and timeless topics. In this week’s edition, let’s explore the role of HIPAA compliance in the cybersecurity era.

Read Post

ManageEngine

Read more about Five worthy reads: HIPAA compliance in the age of cybersecurity

Episode 1: DevSecOps Coffee Break Series Add OSS Security & Compliance to Artifactory

Dec 2, 2021 By JFrog In JFrog

Introduction to JFrog Xray and how to reduce vulnerability and license risks of the open source and 3rd party dependencies you rely on.

View Video

JFrog

Read more about Episode 1: DevSecOps Coffee Break Series Add OSS Security & Compliance to Artifactory

More SEC Talk on Cyber, Internal Control

Dec 1, 2021 By RiskOptics In RiskOptics

Before this particular bit of news sails downstream, internal control professionals might want to note that an SEC commissioner spoke this week about the importance of internal controls for cybersecurity. She raised a few points worth considering. The remarks came from Caroline Crenshaw, a Democratic appointee to the Securities and Exchange Commission who, in my opinion, is something of a stalking horse for SEC policy.

Read Post

RiskOptics

Read more about More SEC Talk on Cyber, Internal Control

Securing SAP SuccessFactors to remain compliant

Nov 29, 2021 By Lookout In Lookout

Lookout is the only CASB in the SAP Store, and the only CASB vendor in the SAP integration partner lineup. We’ve worked closely with SAP to understand how SuccessFactors interacts with users and handles data. Recognized by Gartner as an industry-leading solution, Lookout CASB has built-in advanced data security and user and entity behavior analytics. But we wanted to ensure we can safeguard SuccessFactors and its vast functionalities, that’s why we worked hard to understand how the HCM solution interacts with users and handles data.

View Video