by John Verry | Jul 1, 2020 | Application Security
Reading Time: 2 minutes
70% of applications have open source security flaws, according to recent Veracode research. Virtually all applications developed are built using some open source components. As Chris Eng, Chief Research Officer at Veracode, notes,... by John Verry | Jun 25, 2020 | ISO 27001 Certification
Reading Time: 3 minutes
No offense, but your ISMS Internal Audit approach/program probably sucks. How would I know? Because Pivot Point Security performs 100+ ISO 27001 ISMS Internal Audits each year for companies across different verticals. What makes them... by John Verry | Jun 24, 2020 | InfoSec Strategies
Reading Time: 3 minutes
Information security is a well easily fallen into. There are so many options on the market, and so many things to consider. It’s hard to determine what you actually need, and sometimes companies tend to just grab everything in sight... by John Verry | Jun 17, 2020 | Cybersecurity Maturity Model Certification (CMMC), InfoSec Strategies, ISO 27001 Certification
Reading Time: 4 minutes
Thomas Price from BSI is a crazy-accomplished auditor. He has experience in ISO 9001, 20000, 27001, 27017, NIST 800-171, NIST CSF. This guy knows his stuff. I truly believe he will be one of the first auditors to be certified to... by John Verry | Jun 9, 2020 | Application Security, Network Security, Penetration Testing
Reading Time: 4 minutes
Anyone with a computer and an Internet connection can set themselves up as a penetration testing or cyber incident response service provider. What methods does your organization have in place for vetting an individual or company...
