The full scope of our solutions.
Employees’ security awareness.
Demystify and automate your SOC 2 audit.
Demystify and automate your ISO 27001 audit.
Demystify and automate compliance with GDPR.
Demystify and automate becoming PCI DSS compliant.
Get guidance on building your InfoSec program and complete RFPs in minutes.
Automate your security audits, risk assessments and RFPs.
Automate your InfoSec operations and manage all your products in one place.
Your source for security and compliance information.
Live and OnDemand.
See what’s working for our customers.
Expand and share your knowledge.
Get your product info here.
In-depth guides for everything you need to know about security and compliance.
Tugboat Logic story.
Request documents.
Current matches for your
There is a business reality that too many startups, and even later-stage companies, fall victim to: not having a clear and well-structured action plan for security and privacy. This security shortfall suddenly comes front and center at quarter end when that must-have...
Here’s part 2 of Ray Kruck’s, Tugboat Logic CEO and Founder, tips on building and leading remote and distributed teams to success. He draws upon his in-the-trenches experience from his time at Tugboat Logic and other start-ups he’s built.
Here’s part 1 of Ray Kruck’s, Tugboat Logic CEO and Founder, tips on building and leading remote and distributed teams to success. He draws upon his in-the-trenches experience from his time at Tugboat Logic and other start-ups he’s built.
Let's face it, you didn’t start your own company or decide to build an innovative solution with the goal of being a safe, cautious, risk-averse organization. You want to break things! Disrupt! Create! The challenge comes that once you bring your technology to market...
FINDING A PARTNER NOT A SUPPLIER Taking the decision to do a SOC-2 Type 1,2 or SOC-3 audit and report can be daunting. The commitment in time and resources is not insignificant. Given the importance to your company and the impact on your team’s resources and...
ISO/IEC 27001 is a standard set out by the International Standards Organization that helps your business manage the security of assets such as financial information, user data, intellectual property, employee details, or information entrusted to you by third parties...
The CCPA: Lessons from GDPR and Relevance for Start-Ups The California Consumer Privacy Act (CCPA) , signed into law in June, 2018, goes into effect on January 1, 2020 is the first meaningful step to providing a regulatory framework to online privacy rights in the...
In early 2005, the then United Nations Secretary-General Kofi Annan invited a group of the world’s largest institutional investors to join a process to develop the Principles for Responsible Investment. The Principles were launched in April 2006 at the New York Stock...
We need a new approach that allows risk and compliance to integrate security earlier in the software development and deployment process.
Wouldn’t it be great if IT and InfoSec teams could get their wish and there would be no humans touching vital systems or accessing sensitive data? Their risk management program would be airtight. But hoping that your team will always do the right thing, is not a...
Every profession has its own language to distinguish itself from other professions and to establish an official code that governs its practices. For the Compliance and Information Security team at a typical Fortune 500 company they rely on vendor assessment documents...
Having tracked this event for years as a startup guy, I finally decided to take the plunge and not only attend for the first time but also sponsor this legendary gathering. Over 14,000 entrepreneurs, investors and software-as-a-service fanatics made the trek this year...