Sign In
Sign In
Explore
AWS
Azure
GCP
Information Security Policy
PCI Assessment
Risk Assessment
SOC 2 Audit
Audit
Start A Scan
Information Security Policy Review
PCI Report Analysis
Risk Assessment Review
SOC 2 Report Analysis
Learn
Contact
Pricing
Sign In
Testing - Webinar Design 1
Copy Link
Related Videos
A Thorough Audit Makes a Difference
Copy Link
A Typical Journey with Risk
Copy Link
Achieving High Availability in AWS
Copy Link
Auditor Insight: The Top 3 Issues with Your Risk Assessment [WEBINAR]
Copy Link
Avoid Using Default Service Account When Configuring Instances
Copy Link
Benefits of Risk Management
Copy Link
Business Environment
Copy Link
Cloud Services Are Assets with Risk
Copy Link
Communicating Risk Assessment Results
Copy Link
Components to Include in Your Cybersecurity Program
Copy Link
Consider the Potential for Fraud in Assessing Risks
Copy Link
Consistently Manage User Accounts with OS Login
Copy Link
Create an Assessment Together
Copy Link
Creating Unity Through Risk Assessment
Copy Link
Cyber Threat Intelligence
Copy Link
Data Protection Impact Assessments and GDPR
Copy Link
Defining Likelihood and Impact
Copy Link
Defining Risk, Threat and Vulnerability
Copy Link
Definitions for Risk Assessment Components
Copy Link
Determining Impact to Your Assets
Copy Link
Disabling Insecure Ports and Protocols
Copy Link
Do Data Privacy Laws Require Specific Security Controls?.mov
Copy Link
Do Not Enable Serial Ports for VM Instance
Copy Link
Do Not Use Project-Wide SSH Keys When Authenticating Instances
Copy Link
Does Zero Risk Exist
Copy Link
Don't Discount Likelihood
Copy Link
EC2 Instances in Availability Zones
Copy Link
Enable Access Transparency to Monitor Google Cloud Engineer Access
Copy Link
Enable Alerting for Cloud Storage IAM Permission Changes
Copy Link
Enable Bucket Lock to Protect Sink Destinations from Modification
Copy Link
Enable Cloud Audit Logging Across Your Project
Copy Link
Enable Cloud DNS Logging for VPC Networks
Copy Link
Enable HTTPS Connections on App Engine Applications
Copy Link
Enable Shielded VM to Ensure Operating System is Trustworthy
Copy Link
Encrypt BigQuery Datasets with Customer Managed Encryption Key (CMEK)
Copy Link
Encrypted Cardholder Data and Scope
Copy Link
Encryption Opportunities
Copy Link
Encryption for EBS Volumes
Copy Link
Encryption for S3 Buckets
Copy Link
Ensure Alerts Exist for Project Ownership Changes
Copy Link
Ensure Alerts are Received for VPC Network Changes
Copy Link
Ensure BigQuery Datasets Are Not Publicly Accessible
Copy Link
Ensure Cloud Storage Buckets Are Not Publicly Accessible
Copy Link
Establish a Log Metric Alert for Configuration Changes in SQL Instances
Copy Link
Evaluating Likelihood and Impact
Copy Link
Events that Drive Key Rotation
Copy Link
Generate Log Metric Alerts for Custom Role Changes
Copy Link
HIPAA Risk Analysis
Copy Link
HIPAA Safe Harbor
Copy Link
HIPAA and Risk Analysis
Copy Link
HITRUST and Risk Assessment
Copy Link
Harden Cloud SQL Database with Logging
Copy Link
Historically View Project Resources in Asset Inventory
Copy Link
How Do We Become Compliant With PCI?.mp4
Copy Link
How Do You Scope a PCI DSS Assessment?
Copy Link
How Much Time Does An Assessment Take?
Copy Link
How Often Should We Assess Risk
Copy Link
How to Configure Encryption for EBS Volumes on New EC2 Instances
Copy Link
How to Configure Encryption for S3 Buckets
Copy Link
How to Define Your Scope
Copy Link
How to Identify, Analyze, and Manage Risks to Objectives
Copy Link
How to Properly Assess Client Risk
Copy Link
How to Restrict Public Access to S3 Buckets
Copy Link
How to Use S3 Bucket Policies
Copy Link
How to Use S3 Versioning and Lifecycle Rules
Copy Link
IP Forwarding Should Not Be Enabled for Instances
Copy Link
ISO 27001 Clause 6.1.1
Copy Link
ISO 27001 Clause 6.1.2
Copy Link
ISO 27001 Risk Assessment Documentation
Copy Link
Identify Your Assets
Copy Link
Identify and Assess Changes That Could Impact Internal Controls
Copy Link
Identify and Mitigate Risk with a Risk Assessment Policy
Copy Link
Identify and Prioritize Your Cloud Security Risk
Copy Link
Identifying Assets, Threats, and Vulnerabilities
Copy Link
Industry Standards for Risk Assessment
Copy Link
Introduction to NIST SP 800-30
Copy Link
Introduction to NIST SP 800-39
Copy Link
Just start!
Copy Link
Key Rotation and Management
Copy Link
Leverage Confidential Computing to Protect Data
Copy Link
Leverage Google Cloud Engineers by Granting Access Approval
Copy Link
Limiting PCI DSS Scope
Copy Link
Load Balancers Must Require TLS 1.2
Copy Link
Manage Access Securely Using Uniform Bucket-Level Access
Copy Link
Minimize Public IP Address on Compute Instances
Copy Link
Minimize Root and SA Account Access in Cloud SQL
Copy Link
Monitoring Changing Risk
Copy Link
NIST CSF Identify Function
Copy Link
NIST Security & Privacy Controls
Copy Link
Overview of Environmental Risk
Copy Link
PCI DSS Assessment Scope: Identify All Other People Processes and Technology
Copy Link
PCI DSS Assessment Scope: Identify Cardholder Data Flows
Copy Link
PCI DSS Assessment Scope: Identify People and Processes
Copy Link
PCI DSS Assessment Scope: Identify Technology
Copy Link
PCI DSS Assessment Scope: Identify Third Parties
Copy Link
PCI DSS and Risk Assessment
Copy Link
PCI Requirement 12.2 – Implement a Risk Assessment Process
Copy Link
PCI v4.0 - 11.1.1: Requirement 11 Polices and Procedures Are In Place
Copy Link
PCI v4.0 - 11.1.2: Requirement 11 Roles and Responsibilities Are In Place
Copy Link
PCI v4.0 - 11.2.1: Wireless Access Points Are Properly Managed
Copy Link
PCI v4.0 - 11.2.2: Maintain Inventory of All Authorized Wireless Access Points
Copy Link
PCI v4.0 - 11.3.1.1: Manage Non-High Risk and Non-Critical Vulnerabilities Appropriately
Copy Link
PCI v4.0 - 11.3.1.2: Use Authenticated Vulnerability Scanning Tools for Internal Scans
Copy Link
PCI v4.0 - 11.3.1.3: Perform Internal Scans After Significant Changes
Copy Link
PCI v4.0 - 11.3.1: Perform Internal Vulnerability Scans Frequently
Copy Link
PCI v4.0 - 11.3.2.1: Perform External Scans After Significant Changes
Copy Link
PCI v4.0 - 11.3.2: Perform External Vulnerability Scans Frequently
Copy Link
PCI v4.0 - 11.4.1: Define Document and Implement a Penetration Testing Methodology
Copy Link
PCI v4.0 - 11.4.2: Regularly Perform Internal Penetration Testing
Copy Link
PCI v4.0 - 11.4.3: Regularly Perform External Penetration Testing
Copy Link
PCI v4.0 - 11.4.4: Correct Vulnerabilities Found in Penetration Testing
Copy Link
PCI v4.0 - 11.4.5 & 11.4.6: Test the Effectiveness of Segmentation Controls Regularly
Copy Link
PCI v4.0 - 11.4.7: Multi-Tenant Service Providers Support Customers for External Penetration Testing
Copy Link
PCI v4.0 - 11.5.1.1: Detect Alert and Address Covert Malware Communication Channels
Copy Link
PCI v4.0 - 11.5.1: Implement Intrusion Detection and or Prevention Techniques
Copy Link
PCI v4.0 - 11.5.2: Deploy a Change-Detection Mechanism
Copy Link
PCI v4.0 - 11.6.1: Change-Detection or Tamper-Detection Mechanisms Are Deployed on Payment Pages
Copy Link
Partner With Risk Assessment Experts
Copy Link
Partner with a Risk Assessment Expert
Copy Link
Personnel Risk
Copy Link
Preparing for a Risk Assessment
Copy Link
Preventing Publicly Available S3 Buckets
Copy Link
Ranking Risk
Copy Link
Re-Keying for Decryption
Copy Link
Real-world Risk Assessment
Copy Link
Receive Alerts for Audit Configuration Changes
Copy Link
Receive Alerts for VPC Network Firewall Rule Changes
Copy Link
Register for a Risk Assessment Workshop
Copy Link
Restrict API Permissions If Using Default Service Accounts
Copy Link
Restrict Unnecessary External Access in Cloud SQL
Copy Link
Risk Assessment Obstacles
Copy Link
Risk Assessment Policy
Copy Link
Risk Assessment Requirements
Copy Link
Risk Management Strategy
Copy Link
Risk Treatment for ISO 27001
Copy Link
SOC 2 Academy - How to Manage Risks
Copy Link
SOC 2 Academy - What Types of Risks Does Your Organization Face?
Copy Link
SOC 2 Academy: Assessing the Significance of Risk
Copy Link
SOC 2 Academy: How Fraud Can Impact Risk
Copy Link
SOC 2 Academy: How to Perform Thorough Inventory
Copy Link
Should I Share Our Risk Assessment
Copy Link
Six Types of Risk
Copy Link
Specify Customer-Managed Encryption Key (CMEK) as Default in BigQuery Datasets
Copy Link
Specify Objectives for Risk Assessments
Copy Link
Step One for Risk Assessment
Copy Link
Testing - Webinar Design 2
Copy Link
The Assessment of Fraud for SOC 2
Copy Link
The Importance of Patch Management in Virtual Machines
Copy Link
Thinking About Likelihood and Impact
Copy Link
Third Parties and Your PCI DSS Assessment
Copy Link
Third Parties are Threats Too
Copy Link
Three Types of Controls
Copy Link
Tips for Getting Started with Risk Assessment
Copy Link
Transfer of Legal Risk
Copy Link
Types of Assets to Consider
Copy Link
Understanding NIST SP 800-39
Copy Link
Use Cloud Logging Sinks to Retain Logs
Copy Link
Use Customer Supplied Encyryption Keys (CSEK) for Critical VM Disks
Copy Link
Use TLS to Encrypt All Connections in Cloud SQL
Copy Link
Using AWS KMS
Copy Link
Using S3 Versioning
Copy Link
Using TLS 1.2 to Encrypt Data in Transit
Copy Link
Using Your Risk Assessment Results
Copy Link
VPC Network Route Changes Should Trigger Alerts
Copy Link
What Data Does PCI DSS Apply To?
Copy Link
What Threats Should Be Considered
Copy Link
What are Threats
Copy Link
Who Does PCI DSS Apply To?
Copy Link
Who Is Involved In PCI?
Copy Link