%term

PCI DSS Requirement 11 - Changes from v3.2.1 to v4.0 Explained

Mar 13, 2024 By Narendra Sahoo In VISTA InfoSec

In the ever-evolving landscape of cybersecurity, staying updated with the latest standards and protocols is crucial. One such standard that has undergone significant changes is the Payment Card Industry Data Security Standard (PCI DSS) Requirement 11. This requirement, focused on the regular testing of security systems and networks, has seen notable updates in its transition from version 3.2.1 to version 4.0.

Read Post

VISTA InfoSec

Read more about PCI DSS Requirement 11 - Changes from v3.2.1 to v4.0 Explained

How to use Vanta and AWS to manage vulnerabilities

Mar 13, 2024 By Vanta In Vanta

This blog is part of a series about how to use Vanta and AWS to simplify your organization’s cloud security. To learn more about how to use Vanta and AWS, watch our Coffee and Compliance on-demand webinar. ‍ Amazon Web Services, or AWS, is one of the most popular cloud providers for organizations today — providing one of the most flexible and secure cloud environments available.

Read Post

Vanta

Read more about How to use Vanta and AWS to manage vulnerabilities

New York Department of Financial Services Rules Part 500: Are You Ready for Amendment 2?

Mar 13, 2024 By Alok Agrawal In Rubrik

Hackers move fast. The cybersecurity industry works hard to move as fast (or faster) than hackers. And regulators work to keep pace. In 2017, the New York Department of Financial Services enacted the sector’s most ambitious set of cybersecurity regulations: 23 NYCRR Part 500. These “Part 500” rules have been updated to reflect the evolving threat landscape, the most recent change (“Amendment 2”) implemented in December 2023 to address emerging cybersecurity needs.

Read Post

Rubrik

Read more about New York Department of Financial Services Rules Part 500: Are You Ready for Amendment 2?

Navigating the EU's proposed Artificial Intelligence Act: What Organisations Need to Know

Mar 12, 2024 By Calligo In Calligo

The EU AI Act (the “AI Act”) is the world’s first comprehensive AI law. The Act lays down a harmonised legal framework for the development, supply, and use of AI products and services in the EU.

Read Post

Calligo

Read more about Navigating the EU's proposed Artificial Intelligence Act: What Organisations Need to Know

What is Compliance in Healthcare: Definition, Regulations, and Solutions

Mar 12, 2024 By Anirban Banerjee In Riscosity

Compliance in healthcare is a critical component to preserving the sanctity of modern society. Compliance in any industry ensures adherence to a minimum set of requirements to ensure quality of service; while undoubtedly important everywhere, it’s more so in healthcare due to its direct impact on human lives. For example, while financial compliance secures the safety of our funds, healthcare compliance ensures the safety of our personal selves.

Read Post

Riscosity

Read more about What is Compliance in Healthcare: Definition, Regulations, and Solutions

New in Vanta | March 2024

Mar 11, 2024 By Vanta In Vanta

Over the past month, we’ve rolled out several new capabilities.

Read Post

Vanta

Read more about New in Vanta | March 2024

FAQ: What is FIPS 140-2 and "Validated Cryptography"?

Mar 8, 2024 By Max Aulakh In Ignyte

As time marches on and technology develops, there’s a constant push and pull between information security and attempts to breach that security. Obscurity – simply hiding from sight – isn’t enough with automated processes capable of scanning any possible address looking for signs of life, so much of modern computer security comes down to cryptography. Pretty much everyone has some experience with cryptography, from our childhood spy media to modern computer science.

Read Post

Ignyte

Read more about FAQ: What is FIPS 140-2 and "Validated Cryptography"?

PCI DSS Requirement 10 - Changes from v3.2.1 to v4.0 Explained

Mar 7, 2024 By Narendra Sahoo In VISTA InfoSec

Keeping track of who is accessing your systems and data is a critical part of any security program. Requirement 10 of the PCI DSS covers logging and monitoring controls that allow organizations to detect unauthorized access attempts and track user activities. In the newly released PCI DSS 4.0, Requirement 10 has seen some notable updates that expand logging capabilities and provide more flexibility for merchants and service providers.

Read Post

VISTA InfoSec

Read more about PCI DSS Requirement 10 - Changes from v3.2.1 to v4.0 Explained

Understand Security Misconfiguration | OWASP Top 10

Mar 7, 2024 By VISTA InfoSec In VISTA InfoSec

🔒 Unlocking Secure Software: Understanding Security Misconfiguration 🔒 In this OWASP Top 10 video, we delve into the critical topic of Security Misconfiguration (A05). 🛡️ Security Misconfiguration poses a significant risk in the OWASP Top 10. It occurs when applications or systems are configured with errors, leaving them vulnerable to exploitation by malicious actors. Whether it’s unchanged default settings or outdated software, these misconfigurations can have dire consequences.

View Video

VISTA InfoSec

Read more about Understand Security Misconfiguration | OWASP Top 10

PCI DSS Requirement 9 - Changes from v3.2.1 to v4.0 Explained

Mar 6, 2024 By Ronak Patel In VISTA InfoSec

In the ever-evolving landscape of data security, staying updated with the latest standards and regulations is crucial. The Payment Card Industry Data Security Standard (PCI DSS) is no exception. With the recent release of PCI DSS v4.0, there have been significant updates and changes that organizations need to be aware of. This blog post will delve into one such critical area – Requirement 9: Restrict Physical Access to Cardholder Data.

Read Post