StrongDM Blog (27)

Daniel Leslie Director of Security Intelligence & IT Operations at Namely on the Human Side of Security

This week we are joined by Daniel Leslie at Namely who shares his take on the human side of security, and what security at scale looks like for his

Token Security Podcast | Alan Daines Chief Information Security Officer at FactSet on Phishing

In this episode Max Saltonstall and Justin McCarthy are joined by Alan Daines, Chief Information Security Officer at FactSet to talk about phishing,

Posts by Category:

What is Data Center Security & 4 Ways to Improve

Data center security refers to the protection of data centers against threats such as cyber-attacks, natural disasters, and human error. The number of data centers has increased significantly over the last decade, and so has the amount of security-related disasters. In 2022, the global data center ...

Token Security Podcast | Johnathan Hunt, VP of Information Security at InVision Talks Secure Code

In this episode Max Saltonstall and Justin McCarthy are joined by Johnathan Hunt, VP of Information Security at InVision to talk about pen testing, bug bounty programs, and secure code.

How to Write Your Software Development Lifecycle Policy

A staggering amount of cybersecurity breaches are caused by software vulnerabilities. From the early worms of the 1980s through the early 2000s - like Blaster, Code Red, and Melissa - to the notable Petya and WannaCry of the past few years, these vulnerabilities are all rooted in software flaws that allowed systems to be exploited. A software development lifecycle (SDLC) policy helps your company not suffer a similar fate by ensuring software goes through a testing process, is built as securely

Token Security Podcast | NYC Cyber Command

This episode Max Saltonstall sits down in Manhattan with Quiessence Phillips, Deputy CISO and Head of Threat Management, City of New York and Colin Ahern, Deputy CISO, City of New York.

4 Key Considerations for Your Change Management Policy

Documenting and communicating policy and system changes in your organization can be an arduous task. But the effort becomes more manageable when you have a plan in place before an emergency.

Token Security Podcast | Andrew Mulholland, Head of Core Infrastructure at BuzzFeed

In this episode Justin McCarthy sits down with Andrew Mulholland, head of core infrastructure at BuzzFeed to talk about security incident response, remote access policy, and a money-back guarantee for OSS.

5 Disaster Recovery Policy (DRP) Best Practices to Know

The first step in this policy is to define the critical processes and assets necessary for you to maintain minimum business functions after a disaster.

Audit Log Review and Management Explained

The what, where, why and how of audit logging and review for IT security investigations and compliance requirements.

Defining Your IT Vendor Management Policy

As you work through the rigorous SOC 2 requirements, it is easy to get tunnel vision because so much of your work focuses on protecting your customers and their information. But what about the vendors you work with? Do you have a third-party IT vendor management strategy to address the risks they bring to your organization?

5 Password Policy Best Practices You Can Implement

Passwords are one of the most common targets for hackers, so it’s imperative that your company enforces a strong password policy. This policy will not only define the requirements of the password itself but the procedure your organization will use to select and securely manage passwords.

The Differences Between SOC 1 vs SOC 2

Confusing a SOC 1 vs SOC 2 audit is easy. While both compliance frameworks attest to the controls used within your organization, the frameworks differ in focus. SOC 1 looks at your organization’s financial reporting, while SOC 2 focuses on how you secure and protect customer data. This blog post will focus on exploring the differences between SOC 1 vs SOC 2.

PostgreSQL Log Queries and Audit

This is the first step to create an audit trail of PostgreSQL logs. Postgres can also output logs to any log destination in CSV by modifying the configuration.

25 26 27 28 29 29

Want to learn more?
See StrongDM in action. 👀

Book a Demo