The SolarWinds Hack and The Arrival of Software Supply Chain Attacks

As the breach at network management software firm SolarWinds is still unfolding, the company has revealed in a December 14th..

VPN penetration testing explained

A Virtual Private Network, or VPN, is a gateway to your organizational network. While companies often prefer using a VPN..

Are free PCI ASV scans possible?

Requirement 11.2 of PCI DSS states that a covered entity should conduct quarterly external scans and rescans via an Approved..

Who needs PCI ASV scans and why?

Payment Card Industry Data Security Standards (PCI DSS) are operational and technical requirements prescribed by the PCI Security Standard Council..

HIPAA Compliance for AWS-hosted SaaS

Amazon Web Services (AWS) is a leading cloud service provider. If you are a software-as-a-service (SaaS) provider, you may have..

PCI DSS compliance for your Azure hosted SaaS

Cloud computing has brought in a paradigm shift and transformed how organizations across the globe offer their services. Instead of..

Cybersecurity checklist for SaaS applications

In the last few years, we have seen that SaaS businesses have grown at a sky-high pace. Due to quick..

Penetration testing tools for Automated security testing

There is a big debate about whether penetration testing should be automated or manual. While our experts say that it..

Penetration testing and vulnerability scanning for GDPR

GDPR completed its second anniversary in May this year. In one of our earlier articles, we discussed how NYDFS Cybersecurity..

Penetration Testing and Vulnerability Scanning Controls for CCPA

The much-discussed California Consumer Privacy Act (or CCPA) finally came into force at the start of this year, on January..