Secure IT – Learn

2022-11-11T15:49:12+00:00

Datasheets

Learn more about our services and why choosing SecureIT for your information security, audit, and compliance initiative gives organizations the most value while delivering the confidence needed to focus on your core business.

FedRAMP Advisory Services

Download Now

FedRAMP 3PAO Services

Download Now

Penetration Testing Services

Download Now

IT Audit & Compliance Services

Download Now

SOC 2 Audit Services

Download Now

CMMC Compliance Services

Download Now

SecureIT 800-53 Rev5 Advisory Services DS-FL-21

Download Now

Tech Bulletins – Speed Authorization Success with our FedRAMP Insights


Defining the FedRAMP System Boundary 

Download Now

Vulnerability Management FAQs 

Download Now

FedRAMP FIPS 140-2 Validation Tech Bulletin

Download Now

FedRAMP FIPS 140-2 Validation Example

Download Now

13 Mistakes to Avoid for FedRAMP Success

Download Now

FedRAMP Moderate Equivalency for DoD Contractors

Download Now

eBooks

SecureIT is continually reviewing trends, examining technologies and engaging in standards development in cyber security, information assurance, audit, and regulatory compliance. Those efforts, combined with our first-hand experience solving our customers’ problems, yield whitepapers and reports that offer insights, guidance and best practice. We hope that you find them useful.

12 Secrets to SOC 2 Success

Attaining SOC 2 compliance is a common requirement for service organizations to attract mid-sized and large commercial customers. Many software service providers first try to obtain SOC 2 compliance through internal initiatives.

Unfortunately, SecureIT has found that most organizations seeking first-time SOC 2 compliance underestimate the scope of the challenges they face and overestimate the ability of their IT organization to implement the controls and process changes needed.

This eBook shares insights that we have gained from providing guidance and hands-on assistance to enable dozens of organizations to achieve and sustain SOC 2 compliance on their first attempt.

Read Now

Transforming IT Audit for Cloud Computing

Access proven best practices and valuable insights from industry leaders that will propel success with your cloud audit. The eBook is a must-read for increasing IT Audit’s success in planning, executing, and monitoring cloud audit initiatives.

Read Now

FedRAMP Tailored

LI-SaaS Success
Planning Guide

Greg Kent
Vice President, SecureIT

Read Now

CMMC Compliance

Preparing for Success
eBook

David Trout
President & CEO, SecureIT

Read Now

Managing SSH Keys and Associations

The Secure Shell (SSH) service is widely deployed to provide secured connectivity between systems. In other words, SSH is the secure alternative to telnet or ftp services, which are clear text and could expose user credentials and sensitive network traffic to eavesdroppers. SSH provides an encrypted tunnel through which users can enter commands, transfer files, or even use an X Windows graphical user interface.

For many years, auditors have been advocating wide deployment of SSH as a cost-effective solution to the security problem of clear text network transports. OpenSSH is the most commonly deployed implementation of the SSH protocol. The price is right – it’s free – and it does not require the complexities of a Public Key Infrastructure (PKI) for generating keys. However, many organizations that have large OpenSSH deployments have found that SSH can introduce new security problems that can be as significant as the problem of clear text transmissions.

Written by Greg Kent, SecureIT Vice President, our three-part SSH eBook series provides a comprehensive discussion of the risks, solutions and preventive measures that can improve the security and success of your SSH deployment.


Part 1: Background and Risks

Download Now


Part 2: Risk Management & Solutions

Download Now


Part 3: Policy and Prevention

Download Now

Learn


Burp Primer Videos & Cheatsheets

Companies need a complete understanding of their risk and exposure. SecureIT’s penetration testing services test and verify the effectiveness of currently deployed security measures. These videos and cheatsheets provide an overview of one of the tools that we use to detect network vulnerabilities.

Click on the links below to watch the videos & download the cheatsheets:

Burp Proxy Setup & Configuration >>

Burp Initial Assessment >>

Burp Test Definition >>

Burp Specialized Analysis & Detection Tools >>

Burp Add-Ons >>

sudo Security and Risk Management Video Series

Could more than a dozen of your employees have root access to mission-critical servers due to error? SecureIT’s experience indicates that many companies have incorrectly implemented or maintained sudo, exposing information assets to heightened risk from malicious actors.

Register and watch these videos now as Greg Kent, SVP of SecureIT, provides a valuable discussion on sudo background, common sudo implementation mistakes, and policies for safer sudo going forward.

Watch the sudo security video series now.

Part 1: Introduction to sudo & Common Use Cases & Configuration >>

Part 2: Attacks on Poorly Written User Specifications >>

Part 3: Root Causes of the Problem & Resolving sudo Security Issues >>

Blogs
