Planning Your Vendor Risk Assessment Questionnaire

Business requires trust, but knowing whether your vendors merit that trust is difficult. With the rise of information technology, the ways in which trust can be broken, intentionally or unintentionally, have multiplied and become more ...

A Brief History of Vendor Risk Scoring

Vendor risk scoring is a practice that has emerged to address the complexity of vendor management by assigning vendors a single score– typically a number or letter grade– to facilitate comparison between vendors and portfolios. The past ...

Five Things to Know About Third Party Risk

It's no longer enough to simply ensure that your organization's systems and enterprise web presence are secure. Your risk management program needs to look beyond the perimeter of your organization to properly vet the third and fourth-party ...

Secure Rsync in the Enterprise

Introduction Utilities in the Enterprise Modern enterprise data centers are a complex mix of different technologies geared towards accomplishing business goals. Some of these technologies are pricy, big-name business solutions, but some ...

UpGuard Helps You Find The Right Steps

It is increasingly hard to trust your technology as it scales along with your business. New servers, network appliances or applications are constantly added to your IT environment in costly efforts to optimize your business needs. With ...

UpGuard Procedures: Digitize Runbooks. Reduce Poor Documentation.

Most engineering teams we connect with tell us they do not have any runbook repositories of documentation for logging their processes.

Configuration Monitoring on Ubuntu OS

As the most common Linux distro, configuration monitoring for Ubuntu OS requires straightforward scan setups and easy to understand visualizations of change.

BitSight vs SecurityScorecard

Information technology has changed the way people do business. For better, it has brought speed, scale, and functionality to all aspects of commerce and communication. For worse, it has brought the risks of data exposure, breach, and ...

SaltStack vs Ansible Revisited

It's been a while since we last covered these two leading IT automation solutions—suffice to say, both SaltStack and Ansible have evolved significantly since then. Let's take a fresh look at how they compare when it comes ...

Cavirin vs RiskRecon

The emergence of the cyber risk assessment space marks a strategic shift in how enterprises handle digital threats, from traditional, ineffective security-centric approaches to blended frameworks that combine layered security and risk ...

Rapid7 vs Qualys

According to the Forbes Insights/BMC second annual IT Security and Operations Survey, 43 percent of enterprises plan on redoubling their patching and remediation efforts in 2017, citing patch automation investments as having the best ROI ...

Arachni vs OWASP ZAP

Penetration testing (pen testing) is crucial for developing and maintaining hardened, attack-resilient systems—these can be applications, nodes, or entire networks/environments. Specialized tools are readily available for discovering ...

Docker vs CoreOS Rkt

Unless you've been hiding under a rock in a datacenter from the last century, chances are you've heard of Docker, the leading software container solution on the market. And if so, you've likely heard of its chief competitor CoreOS as well. ...

AppDynamics vs New Relic

As pure play digital businesses, SaaS vendors live and die by their uptime and availability; fortunately, a plethora of tools are available these days for monitoring and troubleshooting the entire stack. AppDynamics and New Relic are two ...

SolarWinds vs SCOM

We've covered more than a handful of IT monitoring solutions, but few dominate their categories like SolarWinds and Microsoft SCOM, the two contenders in this match-up. From the network to the servers and applications, SolarWinds' suite of ...

ForeScout vs Tanium

IT admins managing expansive infrastructures require specialized tools for discovering IT assets living in their environments—no trivial task, considering the myriad of nodes connected at any given time: guest laptops, mobile devices, ...

Tripwire vs Qualys

In a recent report by Forbes and BMC, known vulnerabilities were cited as the leading cause of data breaches, accounting for 44 percent of security incidents. These statistics underscore the importance of proper vulnerability ...

SCOM vs Splunk

The enterprise's infrastructure monitoring needs have evolved drastically over the years; more often, firms need operational intelligence regarding the health and performance of a myriad of IT assets: physical/virtual servers, ...

Tanium vs IBM BigFix

You may have heard that perimeter security is dead, but rest assured, IT folks aren't about to do way with their corporate firewalls just yet. The perimeter is just one—albeit critical—dimension of your organization's digital attack ...

Tripwire vs Varonis

Data analytics continue to play an integral function in cybersecurity—from SIEM to advanced network-based intrusion detection (NID), today's leading solutions are heavily reliant on data science-backed, actionable threat intelligence to ...