One of the more important security controls in any organization's security program is access controls, especially when it comes to your infrastructure. But given that most organizations lack both complete visibility into and control of their cloud infrastructure, it's...
The Full Scope
Trends, tips, regulations, and all things security
Industry News
Best Practices for Securing Kubernetes, Serverless, and Containers
Kubernetes, containers, and serverless have been part of the "new stack" that everyone talks about, but hasn't quite yet fully harnessed. And, security best practices for these are still being formulated. That's where Lacework's CEO Dan Hubbard is looking to change...
The 3 Security and Compliance Trends for 2020
Here are the top three security and compliance trends for 2020 Tugboat Logic has gathered from their customers and partners have observed in their respective industries.
SOC 2
8 Ways to Accelerate the SOC 2 Audit Process
Getting through the SOC 2 audit process shouldn’t be a slog. Check out these 8 tips to accelerate your compliance journey.
What Is a SOC 2 Audit?
In this article, we’ll define, in plain language, the basic components of a SOC 2 audit and give you the information you need to start formulating a plan of attack.
Guide to Penetration Testing for Compliance and Audits
Author: Alexandre Côté, Vumetric Cybersecurity Penetration testing, also known as ethical hacking or pentesting, plays an important role in the compliance process of various standards, including SOC 2, PCI-DSS, and ISO 27001. According to the National Institute of...
Product Updates
Introducing the Risk Assessment Module
TL;DR Tugboat Logic's Risk Assessment Module guides you through the process of conducting a risk assessment by providing recommendations of which IT and security risks to consider, how to best mitigate these risks, and automatically tracking the compliance of...
[Product Update] Introducing the Compliance Calendar and Readiness Project Calendar
Project Management for Audits is Now Available to All Tugboat Logic Users One of the biggest frustrations about staying compliant is “audit fatigue” - meaning companies feeling like they are always going through some stage of an audit. Whether it is evidence...
Simplify Audits with Automated Evidence Collection
New Product Release: GitHub Integration | Automated Evidence Collection for Code Change Control Tugboat Logic is proud to announce the availability of our latest feature: GitHub Integration: Automated Evidence Collection for Code Change Control for external audits...
Certifications
Backup and Recovery Process: Choose It or Lose It
Despite our best efforts, sometimes things go wrong. The best way to handle situations should they arise, is to have a plan to act in advance, and keep that plan updated when threats change. This not only covers risks to your data by bad actors but plans in the event of a server outage or a natural disaster as a few examples.
Why Did We Get ISO 27001 Certified?
Others Avoid It, We Said “Challenge Accepted” From the beginning, Tugboat Logic’s goal has been to demystify the complexities of information security. While no one enjoys being audited, this inevitability is what fuels us to constantly improve upon our product. So...
Change Management Process: Time to Go Deeper
Your formal Change Management Process will guide you through the planning and implementation of your changes. Documentation and approval need to cover all the changes in terms of software, enhancements, applications and any other systems or elements the changes will involve or touch.
Ready to Pass Soc 2, Collect Evidence, and Close More Deals?
Tugboat Logic is a platform that integrates all your InfoSec Program in one single software.
Still Have Questions?