The full scope of our solutions.
Employees’ security awareness.
Demystify and automate your SOC 2 audit.
Demystify and automate your ISO 27001 audit.
Demystify and automate compliance with GDPR.
Demystify and automate becoming PCI DSS compliant.
Get guidance on building your InfoSec program and complete RFPs in minutes.
Automate your security audits, risk assessments and RFPs.
Automate your InfoSec operations and manage all your products in one place.
Your source for security and compliance information.
Live and OnDemand.
See what’s working for our customers.
Expand and share your knowledge.
Get your product info here.
In-depth guides for everything you need to know about security and compliance.
Tugboat Logic story.
Request documents.
Current matches for your
Despite our best efforts, sometimes things go wrong. The best way to handle situations should they arise, is to have a plan to act in advance, and keep that plan updated when threats change. This not only covers risks to your data by bad actors but plans in the event of a server outage or a natural disaster as a few examples.
Your formal Change Management Process will guide you through the planning and implementation of your changes. Documentation and approval need to cover all the changes in terms of software, enhancements, applications and any other systems or elements the changes will involve or touch.
Author: Alexandre Côté, Vumetric Cybersecurity Penetration testing, also known as ethical hacking or pentesting, plays an important role in the compliance process of various standards, including SOC 2, PCI-DSS, and ISO 27001. According to the National Institute of...
Change happens whether we like it or not, and that holds true for an organization’s systems and offerings. Keeping track of these changes might be a tedious task, but critical for knowing when changes happened and who made them.
Creating a plan for Security Awareness Training is only half the battle. Implementing and ensuring that your employees follow that plan regularly is the key to implementing this control. Also, investing in training and security awareness programs is vital for sustainable business growth and success.
How you train your employees will largely determine their effectiveness and adherence to company policies. While many practices can be common sense and their skills catered specifically to the job they were hired to perform, a training plan can go a long way to ensure that elements of your organization stay safe, secure and run as smoothly as possible.
Evaluating and assessing your employees regularly will maintain momentum and ensure they continue to fulfill the requirements of the job.
A useful collection of terms to help you navigate the security and compliance industry.
Halloween was yesterday, but something even scarier is around the corner: CCPA. Just kidding. CCPA is not scary, nor is it something to dread. What’s actually scary about the CCPA is the estimated total cost for all businesses (who either operate out of California or...
Earthquakes aren't the only things shaking up California: the California Consumer Privacy Act (CCPA) will take effect in about two months on Jan 1, 2020, and everyone from sales consultants to compliance experts has been weighing in (even my parents discussed the pros...
Here’s a quick recap of what’s happened in a GDPR world in the past 12 months, and 12 learnings you can implement from GDPR’s first year.
Does it apply to you? Since the EU rolled out the General Data Protection Regulation (GDPR) last year, large enterprises have been scrambling to reduce the risk of non-compliance associated with the new privacy regulations. But you may be wondering: How does GDPR...