TATHAGATA ROY · threatradar.vercel.app · Sep 22, 2024 · Security Audit and Compliance Toolkit (Windows) – A Comprehensive Guide with Code Walkthrough · Introduction to Security Audit and Compliance Toolkit: In today's digital landscape, ensuring the security and compliance of our systems is crucial. With threats ranging from unauthorized access to data breaches, organizations must regularly conduct s... · 75 reads · Security
BuzzGK · buzzgk.hashnode.dev · Sep 11, 2024 · ISO 27001 and ISO 27002 Overview · ISO 27001 and ISO 27002 are two essential standards in the realm of information security management. While they are closely related, they serve distinct purposes and have key differences in their scope, structure, and applicability. This article expl... · ISO 27001
Lukas Lösche for Fix Security Blog · fix.security · Aug 2, 2024 · Launch Week Day 5: Cloud management and remediation with fixctl · In complex cloud environments, visibility, control, and security over sprawling resources can quickly become overwhelming. fixctl, the CLI tool designed for Fix Business users, directly addresses these challenges by providing advanced search capabili... · 96 reads · Product · cspm
Lars Kamp for Fix Security Blog · fix.security · Jul 30, 2024 · Launch Week Day 2: Ensure cloud compliance · Staying compliant is hard, especially in a dynamic cloud-native environment, where resource configurations can change all the time. With Fix, you can now continuously assess your compliance posture across your cloud accounts and resources for the ISO... · 58 reads · Product · cloud compliance
Matthias Veit for Fix Security Blog · fix.security · Jul 1, 2024 · Strengthening cloud security posture with ISO 27001 · ISO/IEC 27001 is an internationally recognized standard for information security management systems. It provides a framework for organizations to protect their information assets and manage information security risks effectively. This international s... · 99 reads · Cloud security · cspm
Amit Paunikar · amitpaunikar.hashnode.dev · Jun 14, 2024 · Six common compliance standards required for protection of data · Every business that you do and every product that you create or use in the IT industry has something to do with data. To regulate the use and protection of data, several Compliance Standards have been defined to prevent misuse of this data. Here we l... · compliance
James Perkins · jam3s.hashnode.dev · May 31, 2024 · How to Automate Audit Evidence in Drata with Make.com · Introduction: ⚖️ Compliance automation tools like Drata are great for collecting and generating evidence to support your audits. But these tools can't connect to every piece of software out there. In this tutorial, I will cover how we can use a no-co... · 56 reads · drata
James Perkins · jam3s.hashnode.dev · May 30, 2024 · Bulk upload compliance controls into Drata · 📄 The ability to do a bulk upload of controls in Drata can help save you minutes or hours, especially if you are looking to migrate an existing set of controls you already have documented in a spreadsheet. The steps to do a bulk import of your contr... · 61 reads · drata
Wayne McCaw · iso27001.hashnode.dev · Oct 17, 2023 · How do you Identify and Then Manage Your ISMS Scope? · The basic question is: What is the scope of managing the security of the organization's information assets? The scope of managing the security of an organization's information assets refers to the boundaries and extent of the activities, assets, and ... · ISO 27001 Certification
Wayne McCaw · iso27001.hashnode.dev · Aug 16, 2023 · How to improve your password management · One of the longstanding beliefs that forms the basis of many password policies is the notion that regular password changes are beneficial. The idea is that by frequently changing passwords, we can potentially prevent attackers from exploiting a disco... · ISO 27001 Certification