Trusted provider of Security Solutions
Learn more about our approach to Holistic CybersecurityDownload Now
SecureIT is continually reviewing trends, examining technologies and engaging in standards development in cyber security, information assurance, audit, and regulatory compliance. Those efforts, combined with our first hand experience solving our customers’ problems, yield eBooks and videos that offer insights, guidance and best practice. We hope that you find them useful.
LI-SaaS Planning Guide eBook: Accelerate Authorization with FedRAMP Tailored
Access must-read tips on gearing up for a FedRAMP project for LI-SaaS offerings. We explain the track, requirements for qualifying and how to planning LI-SaaS projects for faster, more efficient and more certain authorization.
FedRAMP Tech Bulletin: FIPS 140-2 Validation Q&A
Our FedRAMP Tech Bulletin provides key insights and answers regarding FIPS 140-2 validation and audit requirements for FedRAMP. You will gain critical information that helps your team effectively plan and execute FIPS 140-2 efforts for FedRAMP audits and overall authorization success.
ATO on AWS Customer Success Profile
Gain deeper insights into how SecureIT speeds FedRAMP authorization efforts for CSPs that leverage AWS. SecureIT works hand-in-hand with your technical and compliance teams to ensure your environment, processes and controls comply with FedRAMP requirements so you achieve FedRAMP Ready status and FedRAMP Agency authorization on time.
NIST 800-171 Infographic
Clear the way for your Federal contracts in 2018. Get key facts and planning advice to successfully tackle these compliance requirements for doing business with the US Government.
Burp Primer Videos & Cheatsheets
Companies need a complete understanding of their risk and exposure. SecureIT’s penetration testing services test and verify the effectiveness of currently deployed security measures. This video and cheatsheet provides an overview of one of the tools that we use in order to detect network vulnerabilities.
Click on the links below to watch the videos & download the cheatsheets:
sudo Security and Risk Management Videos Series
Could more than a dozen of your employees have root access to mission critical servers due to error? SecureIT’s experience indicates that many companies have incorrectly implemented or maintained sudo exposing information assets to heightened risk from malicious actors. Register and watch these videos now as Greg Kent, SVP of SecureIT provides a valuable discussion on sudo background, common sudo implementation mistakes, and policies for safer sudo going forward.
Watch the sudo security video series now.
Managing SSH Keys and Associations
The Secured Shell (SSH) service is widely deployed to provide secured connectivity between systems. In other words, SSH is the secured alternative for telnet or ftp services, which are clear text and could expose user credentials and sensitive network traffic to eavesdroppers. SSH provides an encrypted tunnel through which users can enter commands, transfer files, or even use an X Windows graphical users interface.
For many years, auditors have been advocating wide deployment of SSH as a costeffective solution to the security problem of clear text network transports. OpenSSH is the most commonly deployed implementation of the SSH protocol. The price is right – it’s free – and it does not require the complexities of a Public Key Infrastructure (PKI) for generating keys. However, many organizations that have large OpenSSH deployments have found that SSH can introduce new security problems that can be as significant as the problem of clear text transmissions.
Written by Greg Kent, SecureIT Vice President, our three part SSH eBook series provides a comprehensive discussion of the risks, solutions and preventive measures that can improve the security and success of your SSH deployment.
Part 1: Background and Risks
Part 2: Risk Management & Solutions
Part 3: Policy and Prevention