Blog

PCI DSS

Common Key Controls Tested in PCI DSS Assessments

As a company interested or required to become PCI DSS compliant, there is a list of key controls you must have in place, and appropriate evidence to be to be retained to provide the PCI DSS assessors during the testing period. Being able to easily identify where these controls

Read More

Penetration Testing, Security Program, CCPA, ISO27001

Do you have APIs? How do you test them?

Application Program Interfaces (APIs) have changed in nature in recent years and are increasingly (and sometimes inadvertently) being made available to users of web services, the “Apps” (applications) on mobile devices, and internally for the web

Read More

SOC2, CISO, vCISO, Security Program

Using a vCISO Service to Achieve and Retain a SOC 2 Certification

CSO Online, which knows plenty about what goes into ensuring security, makes a strong case for hiring a virtual Chief Information Security Officer (vCISO). It notes that fulltime CISOs “can be hard to come by, often stay in their job for two years

Read More

PCI DSS, Privacy

TokenEx and Truvantis: A Combined Solution for Uncompromising Security

Modern organizations must collect and store sensitive personal and payment data to process payments, compile analytics, and enable users to get the most out of their digital experiences. However, the systems and processes necessary to protect these

Read More

PCI DSS, CISO, vCISO

Use a vCISO to Achieve and Maintain PCI DSS Compliance

PCI is a strong security Framework. If you are a business owner, you have probably heard about the PCI DSS (Payment Card Industry Data Security Standard). All organizations that store, process, or transmit payment card transactions must adhere to

Read More

SOC2, CISO, vCISO, Security Program

Video | 11 Steps to Achieve SOC 2 Compliance

Are you looking to start your SOC 2 Audit for this year? Here is a video that will guide you through your first SOC 2 audit using 11 steps. Overview Your customers have probably asked for your SOC 2 report, or it may be required to seal the deal on

Read More

PCI DSS

What Constitutes a Primary Function for PCI DSS?

PCI DSS requirement 2.2.1.a says “describe how system configurations verified that only one primary function per server is implemented.”

Read More

SOC2, CISO, vCISO, Security Program, Privacy

Using Cyber Security to Enable Sales

Information security and privacy programs are generally about managing risk, but they can also impact your sales team by either slowing down or speeding up deals.

Read More

PCI DSS

Due Diligence for PCI DSS Vendor Selection

PCI DSS Requirement 12.8 dictates that any organization involved in payment card processing—including merchants, processors, acquirers, issuers, and service providers—must have policies and procedures in place to manage its service providers.

Read More

Security Program, Risk Assessment

Diminishing Returns in Cybersecurity

If you have ever taken a course in economics, then you should know a thing or two about the law of diminishing returns. It may very well be the subject’s most famous and immediately recognizable principle. Here is the gist of it; there is a point at

Read More

info@truvantis.com

+1 (415) 422-9844

    © 2024 Truvantis, Inc All Rights Reserved.

    Privacy Policy    Terms of Service