Endpoint Cybersecurity

Endpoint Cybersecurity: We help you build your antivirus from the ground up. https://www.endpoint-cybersecurity.com/contact/

20/10/2024

In the previous article, we explored how Scrum enables teams to add security to the backlog and prioritize it based on risk. Incorporating security into the SDLC ensures that security is not an afterthought but an integral part of the development process. Security User Stories are specific, actionable items that articulate the security needs of the software in the same way functional requirements are handled....

09/10/2024

Contents: Agile Software Development: Why It’s Better; Using Scrum for software development; Non-Functional features in Scrum; Security in Software Development; The challenge of adding security user stories to the backlog; How to add security to the Scrum backlog; Conclusions

Agile Software Development: Why It’s Better

Traditional development methodologies, such as the Waterfall model, struggle to keep up with the need for quick iterations, frequent releases, and adaptability to changing requirements....

14/08/2024

The recent outage caused by CrowdStrike’s faulty update has created a lot of discussion. I wrote a post on LinkedIn where I asked the readers why IT professionals are using CrowdStrike on some systems that shouldn’t be in need of such protection in the first place. The answers in various groups were mostly related to: protect everything against everyone; assume the worst…

04/07/2024

Contents: Introduction; Overview of ISO 27001:2022; Overview of TISAX VDA ISA 6.0; Overlaps between ISO 27001:2022 and TISAX VDA ISA 6.0; Differences between ISO 27001:2022 and TISAX VDA ISA 6.0; Implementation of TISAX Using ISO 27001; Conclusion

Introduction

ISO 27001:2022 and TISAX VDA ISA 6.0 are two prominent standards in the realm of information security management, particularly within the automotive industry....

22/05/2024

Contents: Introduction; Comparison of Various SOC Certification Versions; SOC 1 (Service Organization Control 1); SOC 2 (Service Organization Control 2); Who Should Certify?; Why Certify?; What Is Certified?; Topics Verified in SOC 2 Certification; 1. Security; 2. Availability; 3. Processing Integrity; 4. Confidentiality; 5. Privacy; Conclusion

Introduction

SOC 2 (Service Organization Control 2) certification is a framework designed by the American Institute of CPAs (AICPA) to help organizations manage customer data based on five Trust Service Criteria: confidentiality, processing integrity, availability, security and privacy....

17/05/2024

Contents: What is Secure by Design?; Who Should Be Interested?; Why Is It Important?; Focus of the Initiative; Topics Covered by the Initiative; Development and Implementation of Security Practices; Stakeholder Collaboration; Regulatory Compliance and Risk Management; Implementation and Auditing; How to Implement; Auditing; Responsibility and Governance; Who Is Responsible?; Governance; Conclusion and further steps

CISA’s Secure by Design Alert Series…...

27/04/2024

We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we end the series with ISO 27001:2022 Annex A.18, “Compliance”, which addresses the importance of ensuring that organizations comply with relevant laws, regulations, contractual agreements, and other requirements related to information security. This annex focuses on ensuring that the organization identifies and adheres to all applicable legal, statutory, regulatory, and contractual requirements regarding information security and the requirements of the ISMS itself....

25/04/2024

We described here the process needed to perform a gap analysis for NIS2, but we did not add the details on how to approach this. This article references the ISO 27001:2022 series, especially the description of the Annex A controls. Make sure you are familiar with the ISO 27001:2022 requirements and with Annex A....

18/09/2023

If your product is already on the market, or if you just want to release it, you need to ensure that it has a good reputation. Balancing features that improve monetization with criteria that lower the product's reputation is not an easy task. For this you need a partner with experience in Product and Project Management for security products. The reputation of your products has a direct impact on the reputation of the company and the other way around....

12/08/2023

We wrote here (https://www.sorinmustaca.com/how-to-nis2-eu-directive/) that the first step in implementing NIS2 requirements is to perform a gap analysis. The most critical part when performing a gap analysis is to define upfront against which standard or security framework you are comparing the existing situation. It is usual when performing a gap analysis of security maturity to compare against the ISO 27000 standard, ISO 27001 in particular....

Address

BuchenStr. 22/1
Tettnang
