The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Takeaways from GAM 2018: Internal Audit Embraces Cybersecurity

    March 21, 2018, Nick Son, Vice President, Cyber Risk Services, Coalfire

    Last week, the Institute of Internal Auditors (IIA) held its 2018 Global Audit Management Conference at the Aria Resort in Las Vegas. With over 1,700 attendees, this was the most well-attended event in the history of the conference. Coalfire was one of the sponsors, and we were delighted to meet with so many forward-thinking audit executives and practitioners.

    Read more
  • Icebreaker: Chip Away at Active Directory Passwords, Automatically

    March 16, 2018, Dan McInerney, Senior Security Consultant, Coalfire

    To break the ice with Active Directory and shorten the cycles penetration testers spend on cracking passwords, I developed Icebreaker, a tool that automates network attacks against Active Directory and provides plaintext credentials. Icebreaker performs five network attacks in order...

    Read more
  • The Effect of NIST 800-171A on Government Contractors

    March 13, 2018, Mali Yared, Practice Director, Cyber Risk Advisory & Privacy, Coalfire

    NIST 800-171A has been widely discussed in our industry, and NIST has promised to release it sometime in 2018. It introduces a standardized opportunity to perform a more structured and granular level of assessment leveraging the National Institute of Science and Technology (NIST) Special Publication (SP) 800-171 framework.

    Read more
  • Managing Your Vulnerabilities, FedRAMP Style

    March 12, 2018, Dana Scaffido, Senior Consultant, Cyber Engineering, Coalfire

    As a member of Coalfire’s Cyber Engineering team, I frequently get questions about vulnerability Deviation Requests (DRs) from Cloud Service Providers (CSPs) seeking Federal Risk and Authorization Management Program (FedRAMP) authorizations. In this post, I’ll try to answer questions we frequently encounter about Deviation Requests and provide some useful resource links.

    Read more
  • Highlights from the HITRUST Third-Party Assurance Summit

    March 07, 2018, Andrew Hicks, Managing Principal, Coalfire

    The HITRUST TPA Summit brought together experts representing customers, vendors, and assessor firms in various aspects of risk management to share best practices, lessons learned and effective third-party risk management strategies leveraging the HITRUST CSF Assurance Program and HITRUST Assessment Exchange. Coalfire sent a team of healthcare experts to the Chicago event to meet with our HITRUST clients and folks from organizations who are thinking about a HITRUST journey. We were also there to find out what’s next for the HITRUST CSF, and we found out that the future is exciting!

    Read more
  • Displaying results 46-50 (of 317)
     |<  <  6 - 7 - 8 - 9 - 10 - 11 - 12 - 13 - 14 - 15  >  >| 

Recent Posts

Post Topics

Archives

Tags