Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

See all webinars
{tableName=glossary, name=Common Vulnerabilities And Exposures (CVE), description= Common Vulnerabilities and Exposures (CVE) is a list of publicly known cyber security vulnerabilities and exposures. It is maintained by the non-profit organization, the MITRE Corporation, and is sponsored by the U.S. Department of Homeland Security. CVE is a dictionary of standardized names for vulnerabilities and exposures that are used to reference publicly known security issues. It provides a reference to security vulnerabilities and exposures, which allows developers and security professionals to identify and share information about these issues. The list of vulnerabilities and exposures is constantly updated and includes detailed information about the severity of the issue, the affected software and hardware, and the type of attack. CVE also provides a reference to the associated Common Vulnerability Scoring System (CVSS) score, which is used to rank the severity of the vulnerability or exposure. This score is used to help prioritize security patches and other security measures. CVE is an important resource for security professionals and developers, as it helps them quickly identify and address security issues., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=common-vulnerabilities-and-exposures-cve}--
{tableName=glossary, name=ISO/IEC Directives Part 1, description= ISO/IEC Directives Part 1 is an international standard that provides guidelines for the development, approval, publication, and maintenance of International Standards, Technical Specifications, Technical Reports, and Publicly Available Specifications. It is the main document of the ISO/IEC process for the development and publication of international standards. It outlines the roles and responsibilities of the various entities involved in the process, such as the ISO/IEC members, the ISO/IEC Technical Management Board, the ISO/IEC Central Secretariat, and the ISO/IEC Technical Committees. It also outlines the process for the development of new standards, the review process, and the publication and maintenance process. Furthermore, it provides guidance on the use of the ISO/IEC logo and the ISO/IEC copyright statement. Finally, it outlines the process for the withdrawal, revision, and amendment of existing standards., topic=null, hs_path=iso-iec-directives-part-1}--
{tableName=glossary, name=Internet Of Things (IOT), description= The Internet of Things (IOT) is a network of physical objects, or things, embedded with electronics, software, sensors, and network connectivity that enables these objects to collect and exchange data. This data is sent over a network, usually the Internet, and can be used to control, monitor, and track the objects. The IOT creates an environment of interconnectivity between physical objects, allowing them to communicate with each other and with a central server, creating a vast network of connected devices. This network of devices can be used to automate and improve everyday activities, such as home automation, security, health and fitness, and transportation. IOT can also be used to create new business models and applications, such as smart cities, connected cars, and smart homes. The IOT is transforming the way we interact with the world around us and is expected to revolutionize the way businesses operate in the future., topic=null, hs_path=internet-of-things-iot}--
{tableName=glossary, name=DOS Attack, description= A DOS attack (denial of service attack) is a malicious attempt to make a computer or network resource unavailable to its intended users. It typically involves flooding the target machine or network with useless requests in an attempt to overload the system and prevent legitimate requests from being processed. The goal of a DOS attack is to disrupt the normal functioning of a system, usually by temporarily or indefinitely disabling the service or resource. The most common type of DOS attack is the distributed denial of service (DDoS) attack, which is launched from multiple compromised systems. Other types of DOS attacks include ping flood, SYN flood, and teardrop attack. All DOS attacks are illegal and punishable by law., topic=null, hs_path=dos-attack}--
{tableName=glossary, name=Passive Scanning, description= Passive scanning is a type of network security scanning technique used to detect potential security threats on a computer network without sending any packets or initiating any direct communication with the target systems. Passive scanning is a non-intrusive way to assess a network's security posture by gathering information passively from the network traffic. This technique allows the scanning system to observe the traffic on the network without being detected or interfering with the normal flow of traffic. Passive scanning is useful for identifying weak points in a network's security as well as detecting malicious activity, such as malware, unauthorized access, or malicious code execution. Passive scanning can also help identify potential vulnerabilities in the network infrastructure, such as unpatched systems or unencrypted communication., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=passive-scanning}--
{tableName=glossary, name=ISO/IEC Accreditation, description= ISO/IEC accreditation is an internationally recognized standard for the evaluation of organizations that provide certification services. It is a process of assessing the competence of an organization to provide certification services, including the processes and procedures used to ensure that certification is conducted in accordance with the relevant international standards. In order to be accredited, an organization must demonstrate that it has the necessary technical and organizational infrastructure, personnel, and resources to perform certification activities in accordance with the requirements of the relevant international standards. ISO/IEC accreditation is issued by a recognized accreditation body, such as the International Accreditation Forum (IAF). Accreditation is an important part of the certification process, as it ensures that certified products and services meet the required standards and are of the highest quality., topic=null, hs_path=iso-iec-accreditation}--

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...