Our most relevant Security & Compliance articles

  • October 25, 2022

Should pentest exercises be performed? Why? How often?

When it comes to cybersecurity, nobody is immune to the risks. Penetration testing is a cybersecurity technique that mimics a cyber attack to identify and exploit vulnerabilities throughout an organization’s on-premises and/or cloud systems.
Some of the most important penetration testing methodologies and standards include OWASP, MASVS from OWASP, OSSTMM, and NIST.

Learn More about the main pen testing types and techniques.


SOC2, ISO, GDPR, CCPA, NIST, HIPAA, and others: Are they related?

In an industry that is increasingly saturated with security standards and regulations, it is important to know their scope, applicability, and how they relate to each other. Compliance, whether voluntary or mandatory, will depend on the type of company and/or its residence.

In this article, we will explain that in order to mitigate data risks efficiently and effectively over time, compliance with the 3 attributes as a whole is essential.


How GDPR Compliance and PII Protection Impact Your Business?

The General Data Protection Regulation (GDPR) has emerged as a global standard for the Security and Compliance community.

You want to follow the GDPR rules to avoid legal, financial, and reputational troubles. However, GDPR is also beneficial for the expansion of local and international businesses. Even though GDPR is intended to protect the consumer’s PII, it also protects your business by forcing you to improve your security practices.

Learn More about How GDPR Compliance and PII Protection Impact Your Business.


What’s a CISO? And Why You Should Have One

An emerging role in organizational leadership is the CISO, or Chief Information Security Officer. Many organizations do not have a CISO; this is especially true for startups that find having a CISO expensive.

The results of an attack caused by not having a CISO or the right CISO are often much more costly than having one in the first place.

Learn more about what’s a CISO and why you should have one.


Written by: Francisco Cruz Caviedes
General corrections and editing: Diego Woitasen