Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Compliance

idcentral

Sanction Screening: a comprehensive guide to help financial institutions fulfil sanction compliances.

Financial institutions use sanctions screening as a tool to detect, prevent and manage sanctions imposed on individuals and entities. Sanctions are issued on entities, organizations and individuals who are deemed drug dealers, human traffickers, terrorists and smugglers by the respective country or the U.N.

vista infosec

Wireless Network Assessment or Wi-Fi Hacking

Wireless network technology is widely used but at the same time, it has many security weaknesses. Several reports have explained weaknesses in the Wired Equivalent Privacy (WEP) & Wi-Fi Protected Setup (WPS) to encrypt wireless data. Before understanding the benefits of Wireless Network Assessment it is necessary to know what it is, why it is needed, how the service works and what you get from the service.

nightfall

Now Available: Nightfall Expands Data Security and Compliance for Salesforce Customers

By design, Salesforce is an environment where customer PII and other sensitive information must be shared and stored. However, compliance regulations like PCI DSS, HIPAA, GDPR, CCPA, and others limit this storage and usage of customer data to only what’s justifiably required for an organization to carry out its duties. Even then, there are requirements for how this data should be stored – like whether it should be encrypted, for example.

Trustwave

Compliance: The False Sense of Security

I know many will read this title and think that I am crazy. If I am compliant with NIST, HIPAA, ISO, PCI, etc., then I am running a secure network. And to a point that is true. But let’s look at it this way. If you are driving down the interstate at the posted speed limit and are keeping three car lengths between the driver in front of you, are you truly safe and secure on the interstate?

mend

How Manufacturing Companies can Safeguard Software and Assure Robust Quality and Compliance

Although application security and compliance are relatively modern concerns, they impact every industry that uses technology, even traditional industry sectors such as manufacturing. Most manufacturers that do business on a large scale have embraced technology as a necessary business component in the digital economy. Many manufacturers have built heavily integrated functions across the entire manufacturing process, as well as tying in related areas such as operations and logistics.

Snyk

Cheat sheet: Meeting security compliance standards

Security and compliance has a major role in every organization. Businesses are nothing without the trust and loyalty of their customers, and for many companies — from early-stage startups to multinational corporations — winning that trust starts by demonstrating that you have the correct security controls in place. Internationally-recognized compliance standards, such as ISO 27001, PCI-DSS, and SOC 2, make up the industry-standard goals that most businesses and organizations pursue.

sumologic

How Sumo Logic helps you comply with the CERT-In Directions 2022

On April 28, 2022, the Indian Computer Emergency Response Team (CERT-In) published the CERT-In_Directions_70B_28.04.2022 — a new document that imposes strict requirements on service providers, organisations, and cybersecurity teams. The new directions caused many controversies, leading to CERT-In publishing two supplemental documents: frequently asked questions on cybersecurity directions and No. 20(3)/2022 CERT-In.

alienvault

How to unite security and compliance in 5 simple ways

We have entered the era of data compliance laws, but regulations have not quite caught up to the level of risk that most organizations are exposed to. Uniting security and compliance is crucial to maintaining regulation standards and ensuring a secure environment for your business. Digital transformation and the rollout of new digital tools are moving faster than the speed of litigation. For example, many industries are utilizing connected IoT tools that significantly increase attack vectors.