Blog

CISO, vCISO

The Advantages of Hiring a vCISO Vendor vs. an In-House CISO

You need someone to manage your business’ security program, and while this is a necessity, you have options for how you choose to protect your assets. For most companies, they either hire a Chief Information Security Officer (CISO) to manage an internal security team, or they

Read More

CISO, vCISO

5 Signs It's Time to Start Using a CISO as a Service

You’re busy at work, focused on meeting daily deadlines and on achieving your overall mission. But while you’re laser-focused on your day-to-day tasks and long-term goals, who’s worrying about your cybersecurity? Maybe it’s a small in-house IT team

Read More

CISO, vCISO

5 Ways vCISO Can Turbocharge Your Sales Team

Sales are complicated. You’re not just articulating the facts about your product or service, you are also navigating emotions and perception to get the deal closed. In a tech setting, that’s about building trust and confidence. The faster that trust

Read More

SOC2, vCISO

The New SOC 2 and You: How You Should Proceed

Under mounting pressure to keep up with an ever-changing body of regulations and increased demands for transparency, The American Institute of Certified Public Accountants (AICPA) has adjusted Service Organization Control 2 (SOC 2) framework. A SOC

Read More

Security Program

WPA3 for WiFi is here! Almost.

Choosing the correct form of encryption will always be a game with moving goalposts. Encryption algorithms and associated transport protocols are found to have weaknesses or computing flaws as new power becomes available to brute force the hard math

Read More

Penetration Testing

Social Engineering Within Pentesting

Pentesting the People; social engineering is an easy vulnerability When it comes to penetration testing of an enterprise, you instantly think about all the cool tools and tactics used to enumerate the target and locate a possible vulnerability that

Read More

PCI DSS

What's new in PCI DSS 3.2.1

In May 2018, the PCI Security Standards Council, the authors of the PCI DSS standard, issued a new version of that standard - version 3.2.1. Let's review the changes from 3.2 to 3.2.1

Read More

Penetration Testing

Just Walk in the Front Door

As an aspiring penetration tester, it is not always the extensive rootkits or the backdoor metasploit exploits that you need to focus on with every testing engagement. Sometimes, the best way in is to just try the front door. If you can learn to

Read More

PCI DSS, SOC2, CISO, vCISO, HIPAA, CIS Controls, Security Program

7 Advantages of using a "virtual CISO" (vCISO)

A growing trend in the world of Cyber Security is companies outsourcing of some or all of their Information Security teams. This can be just a small part, like vulnerability management, vendor risk management, or responding to customer

Read More

Penetration Testing

Top 5 Free Pentesting Tools for Quick Results

Being able to accurately perform a pentest on a network that you are not familiar with takes both knowledge about the underlying infrastructure (to be able to navigate) and the proper tools for the job. Just like a construction worker has his

Read More