System and Organization Control (SOC) report reviews are a common part of the third-party due diligence function. These reports can be lengthy and contain elements that you really need to understand and agree to. Different reviewers may produce different results, and one must understand how to properly review them. It is not sufficient to only […]
System and Organization Control (SOC) reports have quickly become a standard request for SaaS application providers in order for customers to perform a security due diligence review. So, are all SOC reports the same? No! Should you read the SOC report? Absolutely! How should you properly review a SOC report? Read on 🙂 Background: SOC […]
A well-run cybersecurity team operates like a beautiful orchestra, each individual knowing their part and contributing to the same goal. A cybersecurity team may consist of team members wearing numerous hats, ranging from management to defensive and offensive security. The offensive team members will attack their own organization to find vulnerabilities so the other teams […]
At Stern Security, we have declared February 2nd as Two-Factor Authentication Day! The date is 2/2, so naturally it’s the best day for this holiday. This is a day to spread awareness about 2-factor authentication, which is one of the most important ways to protect your online accounts at home and at work. Using a […]
Introduction: Not all vulnerability scans are created equal. The configuration of a vulnerability scan makes an enormous impact on your results. Authenticated vulnerability scans will provide much greater insight into an organization’s security posture than unauthenticated scans. However, there is a place for unauthenticated vulnerability scans. This article discusses the differences between authenticated and unauthenticated […]
Background: Technology has dramatically changed almost all aspects of human life, giving us amazing communication ability, a healthcare revolution, financial opportunities, and safe energy, all growing at exponential rates. These benefits become risks if the technology is not made secure. At Stern Security, our mission is to secure the planet, business by business, industry by […]
Phishing attacks can happen to anyone whether you’re a CEO, financial analyst, nurse, janitor, IT specialist, or receptionist. In the 2020 Internet Crime Report, the FBI revealed phishing was the top reported cybercrime, consisting of 241,342 reported incidents. This number has more than doubled since 2019. Phishing attacks often consist of an email that is […]
A Vulnerability Scan is NOT a Penetration Test. Unfortunately, when we perform third-party reviews or risk analyses, we often see that organizations get these two terms mixed up. In this article, we provide information about the differences so companies get the correct services they need (and paid for) and can achieve their compliance goals. […]
Stern Security’s Founder and CEO co-authored one of Cisco Press’ hottest security training courses – Security Penetration Testing (The Art of Hacking Series) LiveLessons. The course consists of over 10 hours of expert cybersecurity training. This is an excellent way to provide cost-effective training to security staff!
The September 2017 (Volume 15 Issue 9) edition of the ISSA Journal features an article by our Founder and Principal, Jon Sternstein. The title of the story is “Healthcare Security Ailments and Treatments the World Needs to Know” and provides valuable insight into healthcare data breaches. All of the graphs shown can be recreated on […]