Category: Process Auditing Best Practices
-
Understanding Red & Blue Teams
How secure are you? Let Blue and Red teams establish a robust system for your organization. What is a blue team? A blue team consists of security professionals with an inside-out view of their organization. Their task is to protect the organization’s critical assets against any threat. They are well aware of the business objectives and…
-
NIST Preparation
Why is NIST Mandatory? NIST preparation typically refers to the process of preparing for a security assessment or audit based on the guidelines and requirements outlined by the National Institute of Standards and Technology (NIST). Does your company’s government contracts cite the DFARS cybersecurity controls? The National Institute of Standards and Technology (NIST) SP 800-171…
-
Penetration Testing Phases
Phase 1: Pre-Engagement Preparing and planning which tools and scripts to use. Agreeing to what type of testing will occur (White, Black, or Gray Box) as well as defining the scope of engagement. Document a contract in writing that explains the goal, expectations, and risk of the testing. Phase 2: Reconnaissance Through the use of…