Recently, the FedRAMP program (via the OMB) released a request for feedback on new guidance documentation for penetration testing under the program. The new guidance standards target organizations and 3PAOs undergoing or performing penetration tests under FedRAMP requirements.
The new guidance addresses new attack vectors targeting subsystems in IT infrastructure.
Here, we’ll cover his newest draft about new guidance standards for FedRAMP penetration testing.
An emergency vulnerability has emerged in Ivanti products and appliances, and it has sent many service providers, especially those in the federal space, in a rush to close their gaps and respond as best they can.
This article covers the incident, the government’s response, and what it means for service providers.
With all the focus on network security, SaaS compliance, and big data protection, it’s sometimes very easy to forget that the most vulnerable parts of any given system are often those tied to the user. These devices (endpoints) are where these users do most of their work and where a lack of security best practices can threaten an entire infrastructure.
Here, we’re touching on endpoint security: what it is, what it means, and how you can rethink your approach in light of security and compliance needs.