Planning Your Vendor Risk Assessment Questionnaire
Business requires trust, but knowing whether your vendors merit that trust is difficult. With the rise of information technology, the ways in which trust can be broken, intentionally or unintentionally, have multiplied and become more ...
Read more →
A Brief History of Vendor Risk Scoring
Vendor risk scoring is a practice that has emerged to address the complexity of vendor management by assigning vendors a single score– typically a number or letter grade– to facilitate comparison between vendors and portfolios. The past ...
Read more →
Five Things to Know About Third Party Risk
In managing cyber risk, it’s not enough to ensure that your business’s systems and enterprise web presence are secure. You must look beyond your perimeter properly vet the third and fourth-party vendors who will have access to your data ...
Read more →
Secure Rsync in the Enterprise
Introduction Utilities in the Enterprise Modern enterprise data centers are a complex mix of different technologies geared towards accomplishing business goals. Some of these technologies are pricy, big-name business solutions, but some ...
Read more →
UpGuard Helps You Find The Right Steps
It is increasingly hard to trust your technology as it scales along with your business. New servers, network appliances or applications are constantly added to your IT environment in costly efforts to optimize your business needs. With ...
Read more →
UpGuard Procedures: Digitize Runbooks. Reduce Poor Documentation.
Most engineering teams we connect with tell us they do not have any runbook repositories of documentation for logging their processes.
Read more →
Configuration Monitoring on Ubuntu OS
As the most common Linux distro, configuration monitoring for Ubuntu OS requires straightforward scan setups and easy to understand visualizations of change.
Read more →
BitSight vs SecurityScorecard
Information technology has changed the way people do business. For better, it has brought speed, scale, and functionality to all aspects of commerce and communication. For worse, it has brought the risks of data exposure, breach, and ...
Read more →
SaltStack vs Ansible Revisited
It's been a while since we last covered these two leading IT automation solutions—suffice to say, both SaltStack and Ansible have evolved significantly since then. Let's take a fresh look at how they compare when it comes ...
Read more →
Cavirin vs RiskRecon
The emergence of the cyber risk assessment space marks a strategic shift in how enterprises handle digital threats, from traditional, ineffective security-centric approaches to blended frameworks that combine layered security and risk ...
Read more →
Rapid7 vs Qualys
According to the Forbes Insights/BMC second annual IT Security and Operations Survey, 43 percent of enterprises plan on redoubling their patching and remediation efforts in 2017, citing patch automation investments as having the best ROI ...
Read more →
Arachni vs OWASP ZAP
Penetration testing (pen testing) is crucial for developing and maintaining hardened, attack-resilient systems—these can be applications, nodes, or entire networks/environments. Specialized tools are readily available for discovering ...
Read more →
Docker vs CoreOS Rkt
Unless you've been hiding under a rock in a datacenter from the last century, chances are you've heard of Docker, the leading software container solution on the market. And if so, you've likely heard of its chief competitor CoreOS as well. ...
Read more →
AppDynamics vs New Relic
As pure play digital businesses, SaaS vendors live and die by their uptime and availability; fortunately, a plethora of tools are available these days for monitoring and troubleshooting the entire stack. AppDynamics and New Relic are two ...
Read more →
SolarWinds vs SCOM
We've covered more than a handful of IT monitoring solutions, but few dominate their categories like SolarWinds and Microsoft SCOM, the two contenders in this match-up. From the network to the servers and applications, SolarWinds' suite of ...
Read more →
ForeScout vs Tanium
IT admins managing expansive infrastructures require specialized tools for discovering IT assets living in their environments—no trivial task, considering the myriad of nodes connected at any given time: guest laptops, mobile devices, ...
Read more →
Tripwire vs Qualys
In a recent report by Forbes and BMC, known vulnerabilities were cited as the leading cause of data breaches, accounting for 44 percent of security incidents. These statistics underscore the importance of proper vulnerability ...
Read more →
SCOM vs Splunk
The enterprise's infrastructure monitoring needs have evolved drastically over the years; more often, firms need operational intelligence regarding the health and performance of a myriad of IT assets: physical/virtual servers, ...
Read more →
Tanium vs IBM BigFix
You may have heard that perimeter security is dead, but rest assured, IT folks aren't about to do way with their corporate firewalls just yet. The perimeter is just one—albeit critical—dimension of your organization's digital attack ...
Read more →
Tripwire vs Varonis
Data analytics continue to play an integral function in cybersecurity—from SIEM to advanced network-based intrusion detection (NID), today's leading solutions are heavily reliant on data science-backed, actionable threat intelligence to ...
Read more →