ALS Ice Bucket Challenge!

posted on Aug 21, 2014 by Niyosha Freydooni

Challenge Background: The ALS Ice Bucket Challenge first began with a golfer in Florida. He decided to nominate a few friends and soon after Social Media took over. Now at $22 million, the donations are still coming in. To some, the ALS Ice Bucket Challenge has become repetitive and nothing but a fad. But to…

Women in Tech: Rossana Ludena

posted on Aug 13, 2014 by Niyosha Freydooni

Finally: a blog featuring Security Compass’s amazing, vibrant and IT-proficient women. I will be writing about who these women really are and how they contribute to Security Compass’s culture, success and growth. These are women who go beyond the call of duty by doing exceptional work and brightening up a coworker’s day. Meet Rossana…

A Fresh Approach to Building an Application Security Program

posted on Jul 28, 2014 by Rohit Sethi

Ben Tomhave and Ramon Krikken at Gartner have released a paper called Application Security: Think Big, Start with What Matters, which describes concrete steps on how to cost-effectively deploy an app sec program. We highly recommend that organizations seeking to build an app sec program read the report. Krikken & Tomhave have defined…

3 Things To Consider When You Revisit Your Backup System

posted on Jul 9, 2014 by sahba

What’s expected from you in your role as a CISO is expanding as companies rely heavily on more complicated information systems. There is a barrage of threats and more reliance on technology as businesses leave the pencil and paper behind. Status quo is not an option with so much change occurring within the IT industry,…

A Word About Backup Solutions

posted on Jun 25, 2014 by Jarl

Does your company have a defined backup recovery strategy and system in place? Does having such a system even matter? Unfortunately, most companies haven’t integrated effective backup solutions and, in some cases, the requirements for what constitutes a proper backup solution are not even present. A proper system should be tailored to business needs and…

Software Security: An Imperative to Change

posted on Jun 3, 2014 by Rohit Sethi

Attention-grabbing exploits are becoming the norm. We hear about bugs like Heartbleed and IE 0days almost every week. Understandably, the public is concerned about insecure technology. Yet for those of us who work in information security, this isn’t news at all. We have long known that insecure software is the root cause of most…

What’s new in PCI DSS v3.0 for Penetration Testing?

posted on May 15, 2014 by Nima Dezhkam

The PCI (Payment Card Industry) Security Standard Council releases a mandated PCI Data Security Standard (DSS) with the goal of securing cardholder data that is stored, processed or transmitted by merchants and other organizations. PCI DSS follows a 36-month lifecycle, at the end of which a new version of the standard is released. The…

It’s Cool to Care about Security Requirements

posted on May 7, 2014 by Rohit Sethi

We at Security Compass are thrilled to be named Gartner Cool Vendor 2014 for the Application & Endpoint security category with our SD Elements product. Each year, Gartner identifies new Cool Vendors in key technology areas and publishes a series of research reports highlighting these innovative vendors and their products and services. This is a…