DBSecWorx Vulnerability Audits
Home / Services / Vulnerability Audits


 
      Products Services Industries Resources Relationships About Us

Does passing all of the required audits demonstrate a secure environment?

Sarbanes Oxley, Gramm Leach Bliley, Center for Internet Security, NIST, DFARS, HIPAA, PCI, STIGs, ... all come with a comprehensive list of what you must and must not do to comply.

If you believe they  have anything to do with security: Which audit did OPM fail? or Experian? or Yahoo? Or First American Financial? or the many thousands of others that have reported breaches. Why haven't you read a single story about any of them failing an audit? Perhaps, because they didn't.

While working for a major US retailer we performed a White Hat attack, stealing credit cards, while being interviewed by a PCI auditor. We told the truth and the retailer passed the audit. That evening we helped them secure their databases so it couldn't happen again. The auditor asked if the data was encrypted ... it was. The auditor didn't ask whether we could bypass the encryption by querying memory.

The vulnerabilities that lead to breaches do not come with a checklist.
You will never receive a passing grade for your efforts.
You will never forget a failure if it happens on your watch.

Contact us today to learn how we can assist your team identify and classify vulnerabilities.
 
- Blog Principles Principals Contact Us
 
DBSecWorx secures data and databases
 

 Copyright © 2019
DBSecWorx All rights reserved.
 
Privacy & Cookies Policy Privacy Shield Legal