Compliance

Entries with this tag address cybersecurity standards and policies and cases where organizations fail or succeed in meeting them.

Photo by Eduardo Balderas on Unsplash

Jason Chavarría


Understanding 51 new PCI DSS requirements made easy

PCI DSS v4.0 brings 51 new requirements that are best practices until March 2025. We share a classification that may help take it all in.

Photo by Jeremy Perkins on Unsplash

Jason Chavarría


Comply with the new requirements due for March 2024

Companies that store, handle or transfer account data must comply with PCI DSS v4.0 from March 31. We summarize its 13 new requirements to be met on that date.

Photo by Wynand Uys on Unsplash

Jason Chavarría


Six main items in an AI policy for software development

Your company should have a policy about generative AI usage for software development. Read our suggestions on the most important items to include.

Photo by Jochen van Wylick on Unsplash

Jason Chavarría


Smart devices are to be more secure for consumers

Following the steps of some in Europe, the U.S. advances in its cybersecurity labeling program to help consumers choose IoT devices more resistant to attacks.

Photo by Jean-Daniel Calame on Unsplash

Jason Chavarría


Now we follow all best practices required by OpenSSF

After evidencing statement and branch coverages above 90% and other high-level best practices, our open-source project Universe got the rare OpenSSF gold badge.

Photo by Sara Kurfeß on Unsplash

Felipe Ruiz


A brief overview of this recent EU draft regulation

Learn about the draft Cyber Resilience Act, including its purposes, obligations and penalties, before its final version comes.

Photo by Ugur Arpaci on Unsplash

Felipe Ruiz


Soon it will be a must in cybersecurity due to NIS2

We briefly introduce the NIS 2 Directive and pay special attention to its cybersecurity training requirement for organizations' boards of directors.

Photo by Jason Krieger on Unsplash

Felipe Ruiz


Keep tabs on this proposal from the Biden-Harris Admin

Learn about the cybersecurity strategy announced by the Biden-Harris Administration, specifically, the issues it aims to address and the pillars it is based on.

Photo by Nik Shuliahin on Unsplash

Jason Chavarría


For which security standards is pentesting a must-have?

We present whether penetration testing is required for compliance with these security standards: GDPR, GLBA, HIPAA, ISO 27001, PCI DSS, SOC 2 and SWIFT CSCF.

Start your 21-day free trial

Discover the benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial
Fluid Logo Footer

Hacking software for over 20 years

Fluid Attacks tests applications and other systems, covering all software development stages. Our team assists clients in quickly identifying and managing vulnerabilities to reduce the risk of incidents and deploy secure technology.

Copyright © 0 Fluid Attacks. We hack your software. All rights reserved.