A holistic view of threat and vulnerability risk

Rapid7 and Modulo announced they are working together to deliver an holistic view of threat and vulnerability risk, correlated with broader regulatory, policy and compliance …

EMC unveils five new security advisory services

Virtualization, cloud computing, mobile technologies, and the emergence of a new class of Big Data applications have dramatically altered how organizations create, deliver, …

Surveying policies, controls and compliance

Qualys unveiled a new service for its QualysGuard Cloud Platform and suite of integrated applications for security and compliance to help businesses further automate their …

Automated managing of enterprise assets

Qualys announced the availability of hierarchical Dynamic Asset Tagging for its QualysGuard Cloud Platform and suite of applications for security and compliance. The …

Log management deserves a company’s respect

Keeping and maintaining data logs is a corporate best practice and, in many cases, when you consider regulation and industry standards, it’s the law. Still, few …

What is ISO 27001?

Learn the basics of information security and how to use ISO 27001 as a framework for managing information security management system. For more information and training, check …

Why is residual risk so important?

The term “residual risk’ is mandatory in the risk management process according to ISO 27001, but is unfortunately very often used without appreciating the real …

Web-based breach tool for healthcare IT

Healthcare has become one of the most-breached industries, placing hospitals, clinics and health plans under scrutiny of the Department of Health and Human Services (HHS) …

ISO 27001 video tutorials

One of the biggest obstacles for companies starting to implement ISO 27001 is writing various documents required by this information security standard. Information Security …