Blogs
CMMC Compliance Solutions
Compliance with the Cybersecurity Maturity Model Certification (CMMC) program requires DoD contractors to undergo cybersecurity audit and certification, beginning mid-2020. CMMC will be a single standard for all DoD [...]
5 Free Burp Tutorials and Cheat-Sheets for Penetration Testing
By Tobias McCurry. As part of our penetration testing and vulnerability assessment services, SecureIT uses an application security testing (AST) tool called Burp by PortSwigger. (No, I don’t know why [...]
800-171: A Key Number for Working with the Federal Government
By Corey Clements. Protecting the Country’s Data: Ask what data can do for you but also ask what is required to protect your organization’s data. Data is only valuable when [...]
5 Things to Look for in Choosing a 3PAO
By Corey Clements. In my recent post, “Look before You Leap: The Value of FedRAMP Pre-Assessment,” I compared earning FedRAMP authorization to climbing Mt. Everest. Both require the assistance of [...]
Faster FedRAMP: Preparing for RAR Success
By Jamie Graf. What is a RAR? A FedRAMP Readiness Assessment Report (RAR) demonstrates a cloud service provider’s (CSP) capability to meet FedRAMP security requirements, and that they are ready [...]
Ready to Demonstrate Compliance with NIST SP 800-171? Sharpen those #2 Pencils!
By Corey Clements. In order to be useful, data must be analyzed and shared, while also being adequately protected to ensure security, compliance, and privacy. And that is the purpose [...]
800-171 Spring ’19 Update: DoD Contractors Need to Take Note
By Corey Clements. Cybersecurity concerns are driving a tougher stance from DoD on contractors and their implementation of security controls to protect controlled unclassified information (CUI). The Department of Defense [...]
Get Smart on FIPS 140-2 Validation for FedRAMP
By Corey Clements. As a certified third-party assessment organization (3PAO), SecureIT has wide-ranging experience with the issues and challenges that cloud service providers (CSPs) encounter as they prepare for FedRAMP [...]
The Difference Between a Vulnerability Scan and a Pen Test
Because vulnerability scanning and penetration testing (pen testing) sound like two phrases for the same activity, we often take time to demystify the confusion surrounding these two information security activities. [...]
SecureIT and the White Hat Gala to Benefit Children’s National Health System
By David Trout. The White Hat organization was established in 2004 in the United Kingdom to protect vulnerable children through charitable means. In 2012, Paul Innella, CEO of TDI, and [...]