Learning Center

search
Search...
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
CMMC Certification Timeline in 2026: What Defense Contractors Need to Know Now
CMMC

Get a break down the 2026 certification timeline, DFARS 7021 changes, and why self-attestation is no longer an option.

Which PCI SAQ Do You Actually Need?
PCI

First time filling out an SAQ? Get advice from people who do this scoping every day.

Passwords are Dead: Why You Need to Move to Passkeys
Data Security

Passwords could easily be your biggest security gap. FIDO Alliance's CTO breaks down passkeys and a simple SMB action plan to go passwordless this week.

One year of PCI v4.0 checkbox blindness: Automating PCI Requirements6.4.3 and 11.6.1
PCI Requirements 6.4.3 and 11.6.1: An Expert's Guide to Defeating eSkimmers
Ecommerce Security

One year after PCI DSS v4.0.1 requirements 6.4.3 and 11.6.1 were supposed to be in place, we now have data-backed reality on how these rules are actually playing out in the field.

7 Common Mistakes of PCI Assessments
PCI Audit

Most organizations are making the same kinds of mistakes during their PCI assessments. Address the main issues our QSAs are seeing with this information.

What Solution for PCI Requirements 6.4.3 and 11.6.1 is Right For You?
Ecommerce Security

A Side-by-Side Comparison of Agentless vs. Agent-based Solutions for PCI Requirement 6.4.3 and 11.6.1

The Autonomous Hacker: AI, Ransomware, and the New Rules of Cyber Defense
Data Security

90% of your cyber risk comes from just 2 vectors. See why AI has made social engineering more dangerous and how phishing-resistant MFA can stop it.

When You Get Hacked, "Calling IT" Isn't A Plan
HIPAA

For small business owners, an incident doesn't just mean calling IT, it means operations shut down for days, VoIP phones go dark, and the cash flow stops.

Podcast with Jen Stone and Michael Simpson
SAQ A Unpacked: What Merchants Actually Need to Know
PCI

In this episode, QSAs Jen Stone and Michael Simpson break down the requirements that often catch even seasoned security teams off guard, specifically the new scrutiny on third-party scripts.

Why Asset Management and "Storytelling" are Keys to HITRUST
HITRUST

From understanding the three different levels of HITRUST to mastering the "storytelling" required for evidence, our experts break down how to move past the frustration and build a solid security foundation.

Secure Your Cloud
The Blueprint for a Successful Cloud Penetration Test
Penetration Testing

Watch this to learn about how you can get the most out of your next cloud penetration test.

4 Critical Tasks for Small IT Teams
SMB

Matt "Heff" Heffelfinger explains the practical cybersecurity fundamentals every small business needs to reduce risk, strengthen defenses, and protect against today's evolving threats.

Podcast by Jen Stone: Your Biggest Gap
Why Your Security Risk Analysis is Probably Wrong
HIPAA

Find out the dangerous difference between a gap analysis and a true Security Risk Analysis (SRA).

Podcast with Jen Stone: 'Yes, SMBs can use NIST CSF'.
Cybersecurity Fundamentals: Why NIST Still Matter for SMBs
SMB

Listen to learn about the new NIST CSF 2.0 Small Business Quick Start Guide and identify the five fundamentals that actually move the needle on your security.

Podcast about Cybersecurity on a Budget.
Practical Cybersecurity for Merchants: CIS Controls
Compliance

Host Jen Stone talks with Curt Dukes from the Center for Internet Security (CIS) to discuss how businesses can implement good enough security without unlimited resources.

Presentation screen with the word Webinar highlighted in a blue box.
Forensic Analysis of 2025 and Predictions for 2026
Forensics

Watch this to learn cybersecurity lessons from 2025 breaches and cybersecurity predictions for 2026 and beyond.

Presentation screen with the word Webinar highlighted in a blue box.
Best Practices for a First Time PCI Audit
PCI Audit

Watch to learn how to help you prepare your team, streamline your process, and set the foundation for a successful and smooth assessment process.

Illustration of three blank white papers.
PCI DSS v4 Guidance Document: Requirements 6.4.3 and 11.6.1
Ecommerce Security

Our new detailed technical guide explains the intent of the new 6.4.3 and 11.6.1 requirements and what a solution needs to do in order to make your payment data safe.

Webinar written on a presentation board.
Penetration Testing 101: How to Get the Most Out of Your Pen Test
Penetration Testing

Watch to learn how to get the most out of your penetration test

Illustration of a presentation board displaying the word Webinar in blue and white colors.
Your PCI Audit Questions Answered: Pricing, Scoping & Complexity
PCI Audit

Watch this to learn what goes into scoping and pricing your PCI assessment.

Stack of papers with the top one labeled White Paper in a blue box on a white background.
HITRUST 101: Answering Your Biggest Questions
HITRUST

By reading this, you’ll learn about the fundamental aspects of HITRUST certification, as well as receive answers to frequently asked questions about HITRUST.

Illustration of a white paper document with text lines on two additional pages behind it.
What’s Changed with 4.0.1? A Guide to the New PCI Requirements
PCI

By reading this, you'll learn about key 4.0.1, answer key questions about new PCI requirements, and lay out what you need to do to make adjustments and be prepared for 4.0.1. 

Presentation board with the word Webinar highlighted in a blue box.
What Happens During A Mobile Penetration Test
Penetration Testing

Watch this to have a better understanding of what goes into a mobile penetration test and how it helps protect your data, your company, and your users.

Blue and white presentation board showing the word Webinar in bold text.
What You Can Expect from a HITRUST Assessment
HITRUST

Watch to learn how to prepare for a HITRUST Validation Assessment