Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...

Date: Jan 1, 2023

Location: Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...

Date: Jan 3, 2023

Location: Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...

Date: Jan 5, 2023

Location: Virtual


Glossary

Gartner And The Magic Quadrant

Gartner And The Magic Quadrant is an analytical tool used by businesses and organizations to evaluate the competitive landscape of a particular industry or market. The tool, developed by Gartner, a research and advisory firm, is designed to help organizations identify the most competitive vendors and products in their respective markets. The tool is based on a four-quadrant model that evaluates vendors and products on two axes: their ability to execute and their completeness of vision. The ability to execute axis is based on the vendor’s product or service, its overall market share, the quality of its customer service, and its financial stability. The completeness of vision axis is based on the vendor’s understanding of the market, its innovation and its ability to meet customer needs. Vendors and products are then plotted on the Magic Quadrant based on their scores in both categories. The Magic Quadrant can help organizations identify the most promising vendors and products in their respective markets, enabling them to make informed decisions about which vendors and products to invest in.

Cloud Infrastructure

Cloud Infrastructure is a type of computing infrastructure that provides shared computer processing resources and data to computers and other devices on demand over the internet. It is typically composed of a combination of hardware and software components, such as servers, storage, networks, and applications. Cloud Infrastructure allows users to access their data and applications from any device, anywhere in the world, with minimal setup and maintenance. It is designed to be highly scalable and cost-effective, allowing businesses to quickly and easily expand their computing resources as needed. Cloud Infrastructure also provides enhanced security, reliability, and performance, making it a popular choice for businesses of all sizes.

ISO/IEC 27001 And ISO/IEC 27002

ISO/IEC 27001 and ISO/IEC 27002 are international standards developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC 27001 is an Information Security Management System (ISMS) standard that provides organizations with a framework for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system. It helps organizations manage the security of assets such as financial information, intellectual property, employee details, or information entrusted to them by third parties. ISO/IEC 27002 is a code of practice for information security management that provides guidelines for the selection, implementation, and management of security controls to protect information assets. It is based on the Plan-Do-Check-Act (PDCA) cycle and provides advice on the best practices for managing information security. It is designed to be used in conjunction with ISO/IEC 27001, but can also be used as a standalone guide.

Related guide: ISO 27001 Guide: A Comprehensive Guide

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management System (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

ISO/IEC Directives

ISO/IEC Directives are a set of standards and guidelines issued by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to ensure that all of their standards, technical specifications, and other documents are developed in a consistent, reliable, and transparent manner. They provide guidance on topics such as the structure and content of documents, the development and review process, the use of symbols, terminology, and abbreviations, and the use of language, among other things. They also provide guidance on the management and maintenance of standards and other documents, including their publication, registration, and withdrawal. The ISO/IEC Directives are designed to ensure that all of the documents produced by ISO and IEC are of the highest quality and provide the most reliable information to the public.

Passive Scanning

Passive scanning is a type of network security scanning technique used to detect potential security threats on a computer network without sending any packets or initiating any direct communication with the target systems. Passive scanning is a non-intrusive way to assess a network's security posture by gathering information passively from the network traffic. This technique allows the scanning system to observe the traffic on the network without being detected or interfering with the normal flow of traffic. Passive scanning is useful for identifying weak points in a network's security as well as detecting malicious activity, such as malware, unauthorized access, or malicious code execution. Passive scanning can also help identify potential vulnerabilities in the network infrastructure, such as unpatched systems or unencrypted communication.

Related guide: Vulnerability Management Guide: Learn to Protect Your Business

This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs.

By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.

Attestation of Compliance (AOC)

Attestation of Compliance (AOC) is a formal declaration from an organization or individual that confirms that the organization or individual has met all of the necessary requirements to comply with a particular law, regulation, policy, or standard. It is typically used to demonstrate that an organization or individual has taken the necessary steps to ensure that they are in compliance with a particular set of rules or guidelines. An AOC is typically issued by an independent third-party organization or individual, such as a compliance officer or an auditor, and is used to provide evidence of compliance to an organization's stakeholders, regulators, or other interested parties. An AOC can cover a wide range of topics, including financial reporting, health and safety, and data privacy. Additionally, an AOC may contain detailed information about the measures taken to ensure compliance, as well as any corrective actions taken in response to any non-compliance.

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...