Standards
Manage multiple regulatory compliance frameworks and standards in one platform
NIST CSF
The NIST Cybersecurity Framework (CSF) was published in 2018, for the benefit of private and public sector organizations. It has been widely adopted as a structure for assessing and improving the ability to prevent, detect and respond to cyber incidents. More..
NIST 800-53
NIST SP 800-53 defines how they manage their information security systems, in order to better protect both the agencies and private data. While NIST SP 800-53 applies to any federal organization (aside from national security agencies), many private sector entities have adopted controls from this framework and its guidelines cover any component of an information system that stores, processes or transmits information. More..
NIST 800-46
The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the US Commerce Department, tasked with researching and establishing standards across all federal agencies. More..
ISO 27001
The ISO 27001 framework is the internationally recognized best practice framework for an Information Security Management System (ISMS). It is applicable to all organizations, irrespective of size, type or nature. More..
MITRE ATT&CK
MITRE ATT&CK is a platform that organizes and categorizes various types of tactics, techniques, and procedures used by threat actors in the digital world, helping organizations pinpoint gaps in their cyber-defenses. MITRE ATT&CK is based on Lockheed Martin’s Cyber Kill Chain. More..
SIG
The Standardized Information Gathering (SIG) questionnaire is used to perform an initial assessment of vendors, gathering information to determine how security risks are managed across 18 different risk domains. More..