• Social Menu
  • Social Menu
  • Social Menu
  • Social Menu
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001 Resources
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001 : Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • CMMC Marketplace FAQs
      • SSP for CMMC
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Our Stance on Inclusivity
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
  • 1-888-PIVOT-POINT
    1-888-748-6876
  • info@pivotpointsecurity.com
  • 1-888-PIVOT-POINT | 1-888-748-6876
  • info@pivotpointsecurity.com
Pivot Point Security
PPS ISO 27001 Logo
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001: Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • SSP for CMMC
      • CMMC Marketplace FAQs
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Inclusivity: Our Stance & Actions
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
Access The Latest Episodes from The Virtual CISO Podcast

What is Threat Modeling and How Does It Differ from Risk Assessment?

by Jeremy Sporn | Aug 25, 2020 | Application Security

Reading Time: 3 minutes Threat modeling is a vital but often overlooked component of the software development lifecycle for secure web applications. “The sooner the better, but never too late,” doing threat modeling helps identify and understand threats...

OWASP ASVS: Web Application Testing Comes of Age

by Jeremy Sporn | Jul 3, 2020 | Application Security

Reading Time: 3 minutes If your organization builds, buys or uses web applications, you’ve probably heard of the Open Web Application Security Project (OWASP) and its Application Security Verification Standard (ASVS). Now at Version 4, the ASVS is a big...

Web App Developers Don’t Need to Be Security Experts to Use the OWASP ASVS

by Jeremy Sporn | Jul 2, 2020 | Application Security

Reading Time: 2 minutes The Application Security Verification Standard (ASVS) Version 4 from the Open Web Application Security Project (OWASP) is among the most comprehensive and practical guidance available for organizations looking to build or buy secure...

70% of Web Apps Have Open Source Security Flaws—Here’s How to Fix Yours

by John Verry | Jul 1, 2020 | Application Security

Reading Time: 2 minutes 70% of applications have open source security flaws, according to recent Veracode research. Virtually all applications developed are built using some open source components. As Chris Eng, Chief Research Officer at Veracode, notes,...

OWASP ASVS Version 4.0 Controls Checklist Spreadsheet + 5 Benefits

by Jeremy Sporn | Sep 6, 2019 | Penetration Testing

Reading Time: 2 minutes If you’re involved in web application security, you’ve probably heard of the Open Web Application Security Project (OWASP) and its popular Top 10 list of vulnerabilities. But you may not be as familiar with a parallel effort that in...
« Older Entries
RSS RSS Feed

Free Downloads

  • ISO 27001 Roadmap
  • ISO 27001 Cost Guide
  • vCISO Roadmap
  • View All »

Filter Articles By Tags

Application application security testing ASVS business continuity planning CCPA CMMC compliance cyber attacks cybersecurity Data Breach data privacy Disaster Recovery disaster recovery plan Financial GDPR hackers information security information security risk infosec ISMS ISO 27001 ISO 27001 audit ISO 27002 Law Legal municipal government NIST OWASP OWASP ASVS Passwords Penetration Test Phishing regulation Risk Assessment Risk Management SCA security awareness education security awareness training SIEM SOC 2 Social Engineering The Virtual CISO Podcast tprm vCISO Vendor Risk Management

Blog Categories

  • ISO 27001 Certification
  • ISMS Consulting
  • InfoSec Risk Assessment
  • Penetration Testing
  • Ethical Hacking
  • Business Continuity Management
  • FedRamp
  • Disaster Recovery

About Us

Pivot Point Security has been architected to provide maximum levels of independent and objective information security expertise to our varied client base.

Free Resources »

Recent Blog Posts:

  • FedRAMP – What is It and Who Needs to Know?
  • CMMC System and Information Integrity Domain: Quick Sketch
  • CMMC System and Communications Protection Domain: Rapid Rundown
  • CMMC Situational Awareness Domain: Summary
white ISO 27001 logo
  • Home
  • Blog
  • About Pivot Point Security
  • The Virtual CISO Podcast

© 2001 - 2021 Pivot Point Security Privacy Policy | Cookie Policy | External Linking Policy | Sitemap