Blogs
800-171: A Key Number for Working with the Federal Government
By Corey Clements. Protecting the Country’s Data: Ask what data can do for you but also ask what is required to protect your organization’s data. Data is only valuable when [...]
Look Before You Leap: The Value of FedRAMP Pre-Assessment
By Corey Clements “The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud [...]
Penetration Testing: Add to your Spring Cleaning
By Tobias McCurry Here in the Washington, D.C. area, we’ve been enjoying unseasonably warm weather. T-shirts and open windows belie the fact that it’s still winter, for another 17 days [...]
5 Things to Look for in Choosing a 3PAO
By Corey Clements In my recent post, “Look before You Leap: The Value of FedRAMP Pre-Assessment,” I compared earning FedRAMP authorization to climbing Mt. Everest. Both require the assistance of [...]
How Hackers Exploit Legitimate Openings into Your Corporate Network
By Tobias McCurry Companies have a hard time justifying a need to test their internal environment. The internal network is often a mystery box of systems. A majority of companies [...]
Faster FedRAMP: Preparing for RAR Success
By Jamie Graf. What is a RAR? A FedRAMP Readiness Assessment Report (RAR) demonstrates a cloud service provider’s (CSP) capability to meet FedRAMP security requirements, and that they are ready [...]
Ready to Demonstrate Compliance with NIST SP 800-171? Sharpen those #2 Pencils!
By Corey Clements In order to be useful, data must be analyzed and shared, while also being adequately protected to ensure security, compliance, and privacy. And that is the purpose [...]
800-171 Spring ’19 Update: DoD Contractors Need to Take Note
By Corey Clements Cybersecurity concerns are driving a tougher stance from DoD on contractors and their implementation of security controls to protect controlled unclassified information (CUI). The Department of Defense [...]
Get Smart on FIPS 140-2 Validation for FedRAMP
By Corey Clements As a certified third-party assessment organization (3PAO), SecureIT has wide-ranging experience with the issues and challenges that cloud service providers (CSPs) encounter as they prepare for FedRAMP [...]
Testing your Mobile App before Publishing
Smartphones and tablets are ubiquitous—nearly everyone has one. These tiny computers have access to lots of personal information. Having a mobile app can help your company with customer service, ordering, [...]
The Difference Between a Vulnerability Scan and a Pen Test
Because vulnerability scanning and penetration testing (pen testing) sound like two phrases for the same activity, we often take time to demystify the confusion surrounding these two information security activities. [...]
SecureIT and the White Hat Gala to Benefit Children’s National Health System
By David Trout The White Hat organization was established in 2004 in the United Kingdom to protect vulnerable children through charitable means. In 2012, Paul Innella, CEO of TDI, and [...]