The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, Retail, Financial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • SOC 2 Type 1 and SOC 2 Type 2 Frequently Asked Questions

    May 09, 2017, Dixon Wright, Managing Principal, SOC

    Coalfire’s SOC Practice Directors Dixon Wright and Jeff Cook recently conducted a webinar, “AWS and SOC Reporting, What you need to know.” The presentation covered many points that organizations should know or be prepared for, regardless of the technology being used. Below you will find a transcript of the Q&A session from the webinar.

  • Cloud Burst?

    March 01, 2017, Jeremy Gibbons, AWS Channel Lead, Coalfire

    The cloud can burst!? This week’s AWS service disruption showed us the importance of architecting a system to account for failure, and how to be successful when deploying your solution in the cloud.

  • FedRAMP Prioritization

    August 29, 2016, Abel Sussman, Senior Project Manager, Commercial Services, Coalfire

    Coalfire has been participating in the American Council for Technology and the Industry Advisory Council (ACT-IAC) Cloud Computing community of interest to contribute to developing the new FedRAMP JAB Prioritization process.

  • FedRAMP High Baseline Requirements Published

    June 28, 2016, Abel Sussman, Senior Project Manager, Commercial Services, Coalfire

    The Federal Risk and Authorization Management Program (FedRAMP) Project Management Office officially released its High baseline for High impact-level systems. This baseline is at the High/High/High categorization level for confidentiality, integrity, and availability in accordance with FIPS 199; and is mapped to the security controls from the NIST SP 800-53, Rev. 4 catalog of security controls. Previously, the FedRAMP authorization process was only designed for low and moderate impact systems.

  • Truth is SCARIER than Fiction Redux

    October 30, 2014, Mike Weber, Vice President, Coalfire Labs

    Yes... To be honest, although we really do some neat stuff here at Coalfire Labs that can be pretty scary, I’ve got to give a shout out to “reality” for being even scarier than any emulated attack we could possibly develop.  The astounding number of data breaches announced this year is just shocking, really.  It really felt like there was a new one every month.  As it turns out, there was!  Even more than that on average, as we’ve had at least 14 of them over a 10 month span.
