2022-08-02T07:24:00Z
EB
Director of Community at PeerSpot (formerly IT Central Station)
  • 247
Published:

Community Spotlight #19

Search for a product comparison in Application Security Testing (AST)
1
PeerSpot user
1 Comment
EB
Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
2022-08-02T08:26:09Z
Aug 2, 2022

@Chris Childerhose, @PraveenKambhampati, @Deena Nouril, @Shibu Babuchandran and @reviewer1925439,


Thank you for contributing your articles and sharing your professional knowledge with 618K PeerSpot community members around the globe as well as with a much bigger readers audience!

Chris Childerhose - PeerSpot reviewer
Lead Infrastructure Architect at ThinkON
Real User
ExpertTop 5
Aug 2, 2022

@Evgeny Belenky my pleasure always great to give back to the community.

PeerSpot user
Learn what your peers think about Coverity. Get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
734,678 professionals have used our research since 2012.
Related Questions
reviewer2163450 - PeerSpot reviewer
User at Onyxia
Apr 26, 2023
Hello community,  I work for a small computer software company. With all the CPIs you keep track of across your cybersecurity program, how are you keeping track and reporting on the value?  Thank you.
See 2 answers
SP
Information Technology Infrastructure Specialist at TLIC
Apr 25, 2023
Come on guys, the correct answer to this is the Microsoft Admin Portal and your Azure Admin and the Security and Compliance centers. Everyone wants to buy new SaaS when most of the Controls and Safeguards are built into  MS. Steven Palange, steven_palange@tlic.com reach out for any and all your SaaS renewals. 
reviewer2054484 - PeerSpot reviewer
Cybersecurity Architect at a manufacturing company with 10,001+ employees
Apr 26, 2023
For small companies, utilize the tooling you already have in place like the MS Office or the Atlassian Suite, etc. Ultimately, as you grow towards enterprise scale, Archer and ServiceNow (Governance, Risk, Compliance) can help with everything from compliance workflow to tracking incidence response. As a Cyber Architect in a corporate Fortune 500, we use a medley of integration with our SIEM, Vulnerability Tool, and all the collected data can be accessed by Tableau to generate a dynamic web graph. When you start tracking vulnerabilities and incidents, the data you accumulate can be expressed in your appropriate CPI. If you lack data for a particular CPI, then you may a gap in your cyber program.
Avigayil Henderson - PeerSpot reviewer
Content Development Manager at PeerSpot
Feb 22, 2023
Hi community,  Please share your input and help out fellow peers. Thank you.
See 2 answers
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Feb 19, 2023
Hi, some of the best cloud compliance reporting tools are as below- * Checkpoint CloudGuard Dome9 * Nutanix Xi Beam * Qualys Cloud Platform * Sophos Cloud Optix * Symantec Control Compliance Suite
LW
Content Editor at PeerSpot
Feb 22, 2023
There is probably no single tool that can completely unify cloud compliance reporting across all cloud providers and compliance frameworks. That's a pretty big ask (but a good one). But there are, of course, tools that streamline compliance reporting and make the process easier to manage across multiple cloud environments and compliance standards. These compliance management platforms can help identify compliance gaps, enforce policies, and generate compliance reports. Prisma Cloud enables you to monitor, view, and report on cloud infrastructure health and your compliance posture. You can create reports with both summary and detailed findings of security and compliance risks and it also offers a Compliance Dashboard and the ability to create custom compliance standards. Check Point CloudGuard Posture Management looks to automate conformance to regulatory requirements and security best practices. It provides compliance posture management for AWS, Azure, Google Cloud, Alibaba Cloud, and Kubernetes and claims to reference over 50 compliance frameworks. It also enables customization of cloud compliance with its proprietary Governance Specification Language. Touting 65 out-of-the-box frameworks, CIS Benchmarks, and custom compliance checks, Orca Security is an agentless solution that works across multiple cloud platforms. It exposes and prioritizes issues so that compliance gaps can be addressed strategically. Another option is Chef Compliance, which leverages certified, curated audit and remediation content and aims to make sure assets are always in compliance with CIS benchmarks and DISA STIGs. It supports multiple cloud providers and compliance frameworks. Perhaps lesser-known, CloudCheckr helps maintain security and compliance in the cloud and monitors cloud infrastructure against dozens of standards including PCI DSS, HIPAA, CIS, and NIST. Cloud One - Conformity, from Trend Micro, works toward security, compliance, and governance of cloud infrastructure with real-time monitoring and auto-remediation features for AWS, Microsoft Azure, and Google Cloud.
Related Articles
Deena Nouril - PeerSpot reviewer
Tech Blogger
Aug 5, 2022
What is OWASP? The OWASP or Open Web Application Security Project is a nonprofit foundation dedicated to improving software security. It operates under an open community model, meaning that anyone can participate in and contribute to OWASP-related online chats and projects. The OWASP ensures that its offerings (online tools, videos, forums, events, etc.) remain free and are easily accessible t...
See 2 comments
Ben Arbeit - PeerSpot reviewer
Manager at a retailer with 51-200 employees
Jul 31, 2022
Thanks for this informative article.
Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a retailer with 10,001+ employees
Aug 5, 2022
OWASP is nice, but very specific and currently limited. How about trying ISO-24772 for all?
Related Articles
Deena Nouril - PeerSpot reviewer
Tech Blogger
Aug 5, 2022
What is OWASP Top 10 in 2022
What is OWASP? The OWASP or Open Web Application Security Project is a nonprofit foundation dedi...
Download Free Report
Download our free Coverity Report and get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
DOWNLOAD NOW
734,678 professionals have used our research since 2012.