
Get a break down the 2026 certification timeline, DFARS 7021 changes, and why self-attestation is no longer an option.
.png)
First time filling out an SAQ? Get advice from people who do this scoping every day.

Passwords could easily be your biggest security gap. FIDO Alliance's CTO breaks down passkeys and a simple SMB action plan to go passwordless this week.

One year after PCI DSS v4.0.1 requirements 6.4.3 and 11.6.1 were supposed to be in place, we now have data-backed reality on how these rules are actually playing out in the field.

Most organizations are making the same kinds of mistakes during their PCI assessments. Address the main issues our QSAs are seeing with this information.

A Side-by-Side Comparison of Agentless vs. Agent-based Solutions for PCI Requirement 6.4.3 and 11.6.1

90% of your cyber risk comes from just 2 vectors. See why AI has made social engineering more dangerous and how phishing-resistant MFA can stop it.

For small business owners, an incident doesn't just mean calling IT, it means operations shut down for days, VoIP phones go dark, and the cash flow stops.
.avif)
In this episode, QSAs Jen Stone and Michael Simpson break down the requirements that often catch even seasoned security teams off guard, specifically the new scrutiny on third-party scripts.

From understanding the three different levels of HITRUST to mastering the "storytelling" required for evidence, our experts break down how to move past the frustration and build a solid security foundation.
.avif)
Watch this to learn about how you can get the most out of your next cloud penetration test.

Matt "Heff" Heffelfinger explains the practical cybersecurity fundamentals every small business needs to reduce risk, strengthen defenses, and protect against today's evolving threats.
.avif)
Find out the dangerous difference between a gap analysis and a true Security Risk Analysis (SRA).

Listen to learn about the new NIST CSF 2.0 Small Business Quick Start Guide and identify the five fundamentals that actually move the needle on your security.

Host Jen Stone talks with Curt Dukes from the Center for Internet Security (CIS) to discuss how businesses can implement good enough security without unlimited resources.

Watch this to learn cybersecurity lessons from 2025 breaches and cybersecurity predictions for 2026 and beyond.

Watch to learn how to help you prepare your team, streamline your process, and set the foundation for a successful and smooth assessment process.

Our new detailed technical guide explains the intent of the new 6.4.3 and 11.6.1 requirements and what a solution needs to do in order to make your payment data safe.

Watch to learn how to get the most out of your penetration test

Watch this to learn what goes into scoping and pricing your PCI assessment.

By reading this, you’ll learn about the fundamental aspects of HITRUST certification, as well as receive answers to frequently asked questions about HITRUST.

By reading this, you'll learn about key 4.0.1, answer key questions about new PCI requirements, and lay out what you need to do to make adjustments and be prepared for 4.0.1.

Watch this to have a better understanding of what goes into a mobile penetration test and how it helps protect your data, your company, and your users.

Watch to learn how to prepare for a HITRUST Validation Assessment