HITRUST Update: HITRUST CSF® v9.3 Release

by Sarah Harvey / December 15, 2022

HITRUST®, a leader in information security and privacy risk management and compliance programs, has announced a much-anticipated update to the HITRUST CSF in an effort to remain one of the leading data protection standards. HITRUST CSF v9.3 adds new privacy and security standards and updates six others existing within the certifiable framework. These changes were made in response to the ever-shifting information security landscape that is consistently updated with…

Best Practices for Privilege Management in AWS

by Sarah Harvey / December 15, 2022

Could what happened at Capital One happen at your organization? That depends on your commitment to cloud security. This breach could happen to any organization that’s not educated on AWS vulnerabilities and best practices. We’ve talked about how security misconfigurations played a role in Capital One’s breach, but now let’s discuss how privilege management contributed to this successful hack. What Happened at Capital One with IAM Misconfigurations? According to Verizon’s…

Stages of Penetration Testing According to PTES

by Sarah Harvey / November 3, 2023

What is the Penetration Testing Execution Standard (PTES)? The Penetration Testing Execution Standard, or PTES, is a standard that was developed and continues to be enhanced by a group of information security experts from various industries. PTES provides a minimum baseline for what is required of a penetration test, expanding from initial communication between client and tester to what a report includes. The goal of PTES is to provide quality…

Think Like a Hacker: Common Vulnerabilities Found in Networks

by Sarah Harvey / February 20, 2023

What’s the Difference Between Internal and External Networks? Let’s face it: anything connected to the Internet is at risk of being compromised, which means that organizations like yours must understand the types of vulnerabilities in your internal and external networks that could be exploited by a malicious hacker. If you’re interested in learning about common ways your networks may be compromised by a malicious hacker, remediation tactics for mitigating threats…

Preparing for CCPA: 4 Data Privacy Best Practices to Follow

by Sarah Harvey / December 15, 2022

The California Consumer Privacy Act has been regarded as the United States' strictest data privacy law of our time, and yet, many organizations still don’t know where to start with their compliance efforts. Does the law even apply to them? How can they ensure compliance? What are the steps they need to take? While no one journey toward CCPA compliance is the same, we’ve rounded up four data privacy best…