Learn

Featured

Trusted provider of Security Solutions

Learn more about our approach to Holistic Cybersecurity

Download Now

SecureIT is continually reviewing trends, examining technologies and engaging in standards development in cyber security, information assurance, audit, and regulatory compliance. Those efforts, combined with our first hand experience solving our customers’ problems, yield eBooks and videos that offer insights, guidance and best practice. We hope that you find them useful.

SecureIT’s FedRAMP Infographic 

Gain valuable perspective on the entire FedRAMP authorization process in one picture.  SecureIT’s FedRAMP infographic shows the role of upfront planning and preparation in achieving FedRAMP success.

 

FR Infographic TN

 

 

 

 

 

 

 

 

 

 

FedRAMP Advisory Services  

CSPs seeking to achieve FedRAMP authorization need a partner who can steer them onto the right path for fast, efficient FedRAMP success.

ds_thumbnail

 

 

 

 

 

 

 

 

 

FedRAMP Assessment Services  

SecureIT understands the ins and outs of inherited controls when you user authorized platforms and services. We provide certainty in your FedRAMP pursuit and help you gain the most advantage from your infrastructure choices.

ds_thumbnail

 

 

 

 

 

 

 

 

 

FedRAMP eBook: 8 Mistakes to Avoid  for Success

Read the leading FedRAMP eBook that has helped hundreds of CSPs save time and money on their authorization initiative.  Our FedRAMP eBook shows you where problems arise and help to properly plan from the beginning so you can avoid unexpected delays.

 

2019-06-07_01-10-37

 

 

 

 

 

 

 

 

LI-SaaS Planning Guide eBook:  Accelerate Authorization with FedRAMP Tailored 

Access must-read tips on gearing up for a FedRAMP project for LI-SaaS offerings.   We explain the track, requirements for qualifying and how to planning LI-SaaS projects for faster, more efficient and more certain authorization.

 

SecureIT LI-SaaS ebook tn

 

 

 

 

 

 

 

 

FedRAMP Tech Bulletin: FIPS 140-2 Validation Q&A  

Our FedRAMP Tech Bulletin provides key insights and answers regarding FIPS 140-2 validation and audit requirements for FedRAMP. You will gain critical information that helps your team effectively plan and execute FIPS 140-2 efforts for FedRAMP audits and overall authorization success.

SecureIT FedRAMP FIPS

 

 

 

 

 

 

 

 

 

ATO on AWS Customer Success Profile 

Gain deeper insights into how SecureIT speeds FedRAMP authorization efforts for CSPs that leverage AWS.   SecureIT works hand-in-hand with your technical and compliance teams to ensure your environment, processes and controls comply with FedRAMP requirements so you achieve FedRAMP Ready status and FedRAMP Agency authorization on time.

secureit ato-aws-tnail

 

 

 

 

 

 

 

 

NIST 800-171 Infographic 

Clear the way for your Federal contracts in 2018.  Get key facts and planning advice to successfully tackle these compliance requirements for doing business with the US Government.

See it Now.


Burp Primer Videos & Cheatsheets 

Companies need a complete understanding of their risk and exposure. SecureIT’s penetration testing services test and verify the effectiveness of currently deployed security measures.  This video and cheatsheet provides an overview of one of the tools that we use in order to detect network vulnerabilities.

secureit burp primer

Click on the links below to watch the videos & download the cheatsheets:

Burp Proxy Setup & Configuration

Burp Initial Assessment

Burp Test Definition

Burp Specialized Analysis & Detection Tools

Burp Add-On’s

sudo Security and Risk Management Videos Series  

Could more than a dozen of your employees have root access to mission critical servers due to error?  SecureIT’s experience indicates that many companies have incorrectly implemented or maintained sudo exposing information assets to heightened risk from malicious actors.  Register and watch these videos now as Greg Kent, SVP of SecureIT provides a valuable discussion on sudo background, common sudo implementation mistakes, and policies for safer sudo going forward.

secureit sudo part 1

 

 

 

 

 

 

 

Watch the sudo security video series now.

Part 1: Introduction to sudo & Common Use Cases

Part 2: Attacks on Poorly Written User Specifications

Part 3: Root Causes of the Problem & Resolving sudo Security Issues

Managing SSH Keys and Associations

The Secured Shell (SSH) service is widely deployed to provide secured connectivity between systems. In other words, SSH is the secured alternative for telnet or ftp services, which are clear text and could expose user credentials and sensitive network traffic to eavesdroppers. SSH provides an encrypted tunnel through which users can enter commands, transfer files, or even use an X Windows graphical users interface.

For many years, auditors have been advocating wide deployment of SSH as a costeffective solution to the security problem of clear text network transports. OpenSSH is the most commonly deployed implementation of the SSH protocol. The price is right – it’s free – and it does not require the complexities of a Public Key Infrastructure (PKI) for generating keys. However, many organizations that have large OpenSSH deployments have found that SSH can introduce new security problems that can be as significant as the problem of clear text transmissions.

Written by Greg Kent, SecureIT Vice President,  our three part SSH eBook series provides a comprehensive discussion of the risks, solutions and preventive measures that can improve the security and success of your SSH deployment.

Part 1: Background and Risks

SSH BandR v2

 

 

 

 

Part 2: Risk Management & Solutions

SSH-RMS

 

 

 

 

Part 3: Policy and Prevention

SSH-PandP v2