Annual penetration testing v. continuous monitoring

Penetration tests have become an essential part of an organization’s security strategy to find and fix vulnerabilities before the attackers..

Penetration testing requirements for NIST SP 800-53

Year after year, security threats continue to get complicated and sophisticated. An enterprise cannot wait for the attackers to exploit..

The SolarWinds Hack and The Arrival of Software Supply Chain Attacks

As the breach at network management software firm SolarWinds is still unfolding, the company has revealed in a December 14th..

VPN penetration testing explained

A Virtual Private Network, or VPN, is a gateway to your organizational network. While companies often prefer using a VPN..

Are free PCI ASV scans possible?

Requirement 11.2 of PCI DSS states that a covered entity should conduct quarterly external scans and rescans via an Approved..

Who needs PCI ASV scans and why?

Payment Card Industry Data Security Standards (PCI DSS) are operational and technical requirements prescribed by the PCI Security Standard Council..

HIPAA Compliance for AWS-hosted SaaS

Amazon Web Services (AWS) is a leading cloud service provider. If you are a software-as-a-service (SaaS) provider, you may have..

PCI DSS compliance for your Azure hosted SaaS

Cloud computing has brought in a paradigm shift and transformed how organizations across the globe offer their services. Instead of..

Cybersecurity checklist for SaaS applications

In the last few years, we have seen that SaaS businesses have grown at a sky-high pace. Due to quick..

Penetration testing tools for Automated security testing

There is a big debate about whether penetration testing should be automated or manual. While our experts say that it..