Compliance

API Security Testing on Free Swagger collection

Aug 13, 2024 By VISTA InfoSec In VISTA InfoSec

API security is a critical aspect of modern web applications, ensuring that your APIs are robust and secure from potential threats. In our latest video, we dive into API security testing using a free Swagger collection. Swagger, an open-source framework, allows developers to design, build, document, and test their APIs with ease. By leveraging Swagger collections, you can perform comprehensive security testing to identify vulnerabilities such as injection flaws, data exposure, and improper authentication. This proactive approach helps in mitigating risks and protecting your API endpoints from malicious attacks.

View Video

VISTA InfoSec

Read more about API Security Testing on Free Swagger collection

Understanding DORA: The New European Regulation

Aug 12, 2024 By Iratxe Vazquez In WatchGuard

With the rise in cyberattacks, robust measures are essential to reduce attack surfaces and respond swiftly to threats. Compliance with regulations like the Digital Operational Resilience Act (DORA) is crucial to prevent severe penalties and ensure business continuity. This blog post looks at DORA and introduces our white paper about this important new European regulation.

Read Post

WatchGuard

Read more about Understanding DORA: The New European Regulation

DORA's Reach: How UK ICT Service Providers Are Affected

Aug 12, 2024 By Jamie Hayward In Razorthorn

The Digital Operational Resilience Act (DORA) is set to reshape the landscape of financial services in the European Union. But its impact extends beyond EU borders, particularly affecting UK-based Information and Communication Technology (ICT) service providers. Let’s explore how DORA might influence these providers and what steps they should consider taking.

Read Post

Razorthorn

Read more about DORA's Reach: How UK ICT Service Providers Are Affected

Top Strategies for Building a Robust Corporate Compliance Program

Aug 10, 2024 By SecuritySenses In SecuritySenses

No wonder building a strong corporate compliance program is necessary to protect your business and ensure long-term success. Through it, you can address complex issues and avoid legal risks. Ultimately, you can promote a positive reputation for your business. That being said, how can you build an effective corporate compliance program? In today's guide, we'll walk through top strategies from the perspective of the experts. So, just read on.

Read Post

SecuritySenses

Read more about Top Strategies for Building a Robust Corporate Compliance Program

Move From FedRAMP to DoD with Impact Level Assessment

Aug 9, 2024 By Max Aulakh In Ignyte

We’ve written extensively before about FedRAMP’s impact levels. As a brief refresher, there are four: You can read our full guide to these four impact levels, how they’re calculated, and what they mean in this post. One important thing to know here is that FedRAMP is not the be-all and end-all security framework for the government.

Read Post

Ignyte

Read more about Move From FedRAMP to DoD with Impact Level Assessment

Industry-specific criteria in SOC 2+

Aug 9, 2024 By SecuritySenses In SecuritySenses

SOC 2+ reports have become increasingly crucial for organizations aiming to demonstrate their commitment to security and compliance. While the standard SOC 2 framework provides a solid foundation, many industries require additional criteria to address their unique risks and regulatory requirements. This article explores the concept of industry-specific criteria in SOC 2+ reports and how they enhance the value of these assessments for specialized sectors.

Read Post

SecuritySenses

Read more about Industry-specific criteria in SOC 2+

The Importance of Due Diligence in Corporate Governance

Aug 9, 2024 By SecuritySenses In SecuritySenses

Due diligence is a critical component of corporate governance, serving as a cornerstone for effective decision-making. It helps organizations mitigate risks and ensure compliance with legal and regulatory standards. Understanding the importance of due diligence can significantly enhance corporate governance practices.

Read Post

SecuritySenses

Read more about The Importance of Due Diligence in Corporate Governance

Data Governance & Compliance: Navigating the Digital Maze

Aug 8, 2024 By Teramind In Teramind

Is your company grappling with an increasing volume and complexity of information? A strong data governance framework is essential to harness the power of data while lessening risks. This strategic framework ensures data is managed effectively, meets quality standards, and supports informed decision-making, quality standards, and supporting informed decisions. As regulatory compliance burdens intensify, data governance has become critical to organizational success.

Read Post

Teramind

Read more about Data Governance & Compliance: Navigating the Digital Maze

Have You Heard About the New PCI 4.0 Section 1.2 Spec? Tripwire Makes Compliance Easy

Aug 7, 2024 By Michael Betti In Tripwire

If you’ve been keeping up with the Payment Card Industry Data Security Standard (PCI DSS), you’ll know it has a new specification that revolves around network security controls. Let’s dig into the details.

Read Post

Tripwire

Read more about Have You Heard About the New PCI 4.0 Section 1.2 Spec? Tripwire Makes Compliance Easy

Boost Your Cyber Resilience with DORA and NIS2

Aug 7, 2024 By Rubrik In Rubrik

In this episode of CISO Conversations: EU Data Regulations, Richard Cassidy, EMEA Field CISO at Rubrik, is joined by Jack Poller to dive further into the topic of DORA and NIS2, specifically how they help vendors build strong cyber resilience and data security strategies, effective insights for DORA and NIS2 compliance, and the balance between compliance and ransomware attacks.

View Video