BLOG
Securing Cloud Applications – Part 1: Developer Foundations
Are you responsible for the security of application containers running in the cloud? If so, you've found the right source to help you secure it. In this series of securing developed applications hosted in the cloud. We'll walk through where the code starts and follow...
Kubernetes & Container Security Consulting
We've moved from hub and spoke network technologies, to servers, to virtualization, to cloud, and now we are graduating to container technologies using Docker and Kubernetes. With this new evolution in technology brings new security review philosophies and...
What Does a vCISO do?
If you want an information and cyber security leader, but don't' want to afford or be burdened by a full-time employee, a virtual CISO can be a great solution. But without the leadership of a CISO, how do you know what the vCISO should do? It's important to note...
How Much Does a vCISO Cost?
You're in charge of protecting the company's assets and reputation. You have critical and sensitive information and you have regulation requirements you need to attest to and meet. You need someone that can manage this responsibility and lower risk without impacting...
Overlooked Benefits of Hiring a vCISO
The role of a CISO is critical within a business that has significant risk and needs to implement and maintain an operational security program. But hiring this role is expensive, and it can be hard to qualify and identify the right candidate. A...
Minnesota Cybersecurity Companies
Minnesota is a hotbed of cybersecurity talent. To access that amazing talent, you should partner with a local cybersecurity company. If you're looking to for cybersecurity help with advisory services, consulting, or initiatives and want to support local...
When to Pen Test an Application?
Cybersecurity article on when to decide to test your application by means of a professional penetration test.
How to Build a Computer Security Incident Response Plan
A Security incident handling and response plan is a premeditated plan on how you will determine, classify, and respond in an organized and prepared manner to a cyber attack that potentially impacts the business. Your goal is to reduce the impact of the incident...
4 Questions to Prevent Passive Programmer Security
Do you development software or applications internally? Photo by Émile Perron on Unsplash Support for internally developed applications can allow speed to market, customization, and even a competitive advantage. Common problems are supportability, security, and...
Best Security Controls for the Endpoint
When we consider the volume of security incidents and breaches we can see a picture that a large volume of these is hitting the endpoint. The reason is twofold; 1. Where the weakest link is = the user. 2. Administrative Rights - That asset is typically logged in with...