Collaborate Disseminate
Maintaining cybersecurity for organizations has never been more complex; now that remote and hybrid work has become the norm, access to a company’s network is no longer limited to those within the physical building but extends to people connecting thro… Continue reading Why integrating SIEM tools is crucial to managing threats
I am quite familiar with the ROC but am not a QSA.
PCI definition of strong cryptography make references to choosing your own standard and follow that, for example; if I followed NIST i.e. TLS as specified by Special Publication 800-57 Par… Continue reading What exactly are the characteristics of TLS required by PCI DSS and which reference describes these?
Buy these widgets. Write these policies. Be compliant. Be secure. While certain industry bodies set specific cybersecurity standards and requirements, following them is not enough to protect your organization from cyber attacks and to achieve resilienc… Continue reading Compliance does not equal security
ManageEngine announced the addition of data loss prevention for endpoints, anti-ransomware and endpoint compliance capabilities to its unified endpoint management (UEM) solution, Desktop Central. Since the prevalent adoption of remote work, organizatio… Continue reading ManageEngine adds anti-ransomware capabilities to its UEM solution to combat evolving cyberthreats
VigiTrust launched VigiQuiz, a gamified Security Awareness Quiz tool to help businesses observe Cybersecurity Awareness Month in an engaging and informative way. Offered as a service, the quiz is designed to help organizations provide security training… Continue reading VigiTrust launches VigiQuiz to provide interactive training for cybersecurity awareness
IriusRisk has expanded the free Community Edition of its platform to include its entire threat and countermeasure knowledge base. Engineering teams using the Community Edition will now be able to factor its comprehensive security standards and complian… Continue reading IriusRisk Community Edition offers free threat knowledge base for developers
My company is using virtual credit cards and since we are PCI compliant (and want to be in the future) I was wondering about the requirements of storing/processing and transmitting PAN numbers of virtual credit cards.
E.g. As part of the b… Continue reading Are virtual credit cards in scope for PCI Compliance?
can HSTS be considered asa remediation for the vulneraberabity "cookies are not protected by secure flag" for a PCI DSS auditor?
Red Box announces the certification of its compliance recording solution for Microsoft Teams as part of the Microsoft Independent Software Vendor (ISV) Partner Certification Programme. Following extensive third-party approved testing, the solution ensu… Continue reading Red Box provides certified compliance recording solution for Microsoft Teams
Jscrambler announced it has raised $15 million in Series A financing for website and mobile app security to rewrite the rules of website security. The round was led by Ace Capital Partners, with the participation of existing investors including Portuga… Continue reading Jscrambler raises $15M to augment marketing and sales resources in the U.S. and European markets