%term

Vanta Unveils New Enterprise Offerings Powering the Future of Trust

Jan 31, 2024 By Vanta In Vanta

Crossing $100M ARR in FY '24 with nearly 7,000 customers. Continuing its global rollout of AI innovations powering the future of trust in an AI world. A-LIGN partnership scaling impact of Vanta's Trust Management Platform for leading enterprise brands.

Read Post

Vanta

Read more about Vanta Unveils New Enterprise Offerings Powering the Future of Trust

Unfolding the Basics of SaaS Defense

Jan 31, 2024 By SecuritySenses In SecuritySenses

Imagine working in a digital fort-your business's data safely tucked behind the virtual walls of various cloud-based software. Sounds secure, right? But without the right armor, these walls might not be as impenetrable as you think. Enter the world of CSPM, a critical aspect of cloud software security that's all about keeping your data defenses robust and your compliance on point. But before we delve into those strategies, let's consider the susceptibilities.

Read Post

SecuritySenses

Read more about Unfolding the Basics of SaaS Defense

Practitioner's Corner: Turning Regulatory Compliance into Strategic Opportunity

Jan 31, 2024 By Tim Grieveson In BitSight

Cyber risk regulations like NIS2 and DORA in the EU, or PS21/3 in the UK, signal a seismic shift toward strengthening cyber resilience and enforcing accountability. Championing regulations is not just a matter of checking compliance boxes: it’s an opportunity to become a business leader. To enable growth and protect revenue.

Read Post

BitSight

Read more about Practitioner's Corner: Turning Regulatory Compliance into Strategic Opportunity

Celebrating new milestones plus enterprise-ready features and more AI capabilities

Jan 31, 2024 By Vanta In Vanta

Today we’re excited to share several milestones as we continue on our mission to secure the internet and protect consumer data. ‍ ‍ ‍ ‍ And we’re just getting started. ‍ As we continue to reimagine GRC tools for the future of trust, we’ve built enterprise-ready features and rolled out additional Vanta AI capabilities along with support for the NIST AI Risk Management Framework. ‍ ‍

Read Post

Vanta

Read more about Celebrating new milestones plus enterprise-ready features and more AI capabilities

Introducing AI Data Import for Access Reviews

Jan 31, 2024 By Vanta In Vanta

Conducting regular user access reviews is an effective way to make sure your organization is securing access to critical systems and third-party vendors. Frameworks like SOC 2 and ISO 27001 even require proof of regular access reviews to demonstrate compliance. ‍ Without automation, access reviews are tedious and time-consuming, requiring IT and security teams to manually record user access information in a spreadsheet and take countless screenshots of access permissions screens. ‍

Read Post

Vanta

Read more about Introducing AI Data Import for Access Reviews

Introducing NIST AI RMF: Monitor and mitigate AI risk

Jan 31, 2024 By Vanta In Vanta

The pace and complexity of AI technologies is increasing every day. In this rapidly changing environment, it’s critical for companies to adopt a rigorous approach to safely and responsibly incorporating AI into their products and processes. ‍ That’s why we’re excited to announce that the NIST AI Risk Management Framework (RMF) is now available in beta.

Read Post

Vanta

Read more about Introducing NIST AI RMF: Monitor and mitigate AI risk

Getting ISO 27001 certification as a SaaS scale up

Jan 29, 2024 By Detectify In Detectify

Getting ISO 27001 certified is quite a process, so why should SaaS companies do it? A couple of our security experts, Johan Edholm (co-founder and security engineer at Detectify) and Jenny Gabrielsson (CFO at Detectify) share a use case on Detectify's journey towards ISO 27001 certification.

View Video

Detectify

Read more about Getting ISO 27001 certification as a SaaS scale up

PCI DSS Requirement 5 - Changes from v3.2.1 to v4.0 Explained

Jan 29, 2024 By Narendra Sahoo In VISTA InfoSec

Welcome back to our ongoing series on the Payment Card Industry Data Security Standard (PCI DSS). We’ve been journeying through the various requirements of this critical security standard, and today, we’re moving forward to explore Requirement 5 of PCI DSS v4.0.

Read Post

VISTA InfoSec

Read more about PCI DSS Requirement 5 - Changes from v3.2.1 to v4.0 Explained

How to Comply with NIST SP 800-171 Revision 3

Jan 26, 2024 By Nicholas Sollitto In UpGuard

The National Institute of Standards and Technology (NIST) developed the NIST 800-171 framework to set guidelines and security requirements for protecting controlled unclassified information (CUI). NIST first created the framework in June 2015 but has since revised the publication several times, most recently in November 2023.

Read Post

UpGuard

Read more about How to Comply with NIST SP 800-171 Revision 3

Cybersecurity Standards vs Procedures vs Controls vs Policies

Jan 26, 2024 By Max Aulakh In Ignyte

Cybersecurity is a vast and complex field, and it’s made more complicated as technology – both infrastructure and in terms of cyberattacks – grows more and more sophisticated. Any large and complex industry grows terminology and jargon like leaves on a tree, and cybersecurity is no different. There are dozens, if not hundreds, of specialized terms that are used in narrow and specific ways throughout the industry.

Read Post