This new survey of InfoSec leaders conducted by Dark Reading explores how the CISO role has evolved, how the C-suite and board view cybersecurity, and where the best growth opportunities for CISOs...
Coalfire, in collaboration with our Cloud Advisory Board, has developed our latest report to advance the cybersecurity community with a how-to guide for navigating the smartest path to DevSecOps...
Is your company at risk and, more importantly, what can you do about it? Check out our top seven high-level findings and then read on for detailed takeaways plus our top seven recommendations to...
This report, developed in collaboration with Enterprise Strategy Group (ESG), provides the latest insights and research to help organizations navigate the complexities of cloud-native security and...
The healthcare payments industry sits in the crossfire between privacy and public trust. Under pressure in the cloud services space, a major FinTech company’s executive team intended to position...
This AI data platform needed help navigating the complex FedRAMP landscape. Leveraging Coalfire’s Accelerated Cloud Engineering (ACE), the organization realized savings of more than 50% on FedRAMP...
Leveraging Coalfire’s ACE services saved this ID security software firm 47% on engineering costs in designing and building a FedRAMP audit-ready system. They completed the process in less than 90...
In the wake of the COVID-induced economic pressures, many banks and financial institutions have begun to accelerate the migration of PCI workloads to the cloud, helping them realize operating cost...
Phones, tablets, computers, and cloud storage have become integral parts of the lives of billions of people worldwide. These electronic products have digital footprints that aid investigators in...
Coalfire’s FastRAMP 360 is the industry’s only comprehensive approach to a smarter, faster, and simplified FedRAMP journey – one we’ve helped countless CSPs navigate successfully.
The industry’s leading vulnerability management platform, ThreadFix provides a complete view of your risk from applications and their supporting infrastructure.
A solid privacy program is no longer just a compliance question – it’s a competitive requirement. Going forward, the question of privacy cannot be answered with a
Join us to see how, together, Snyk and ThreadFix can enhance application security and prevent risks, while preserving development scale and speed.
In this webinar, we will cover the capabilities that ThreadFix has to allow security teams to manage their application asset portfolios. We will also take a deeper dive into several tools such as...
The Department of Defense (DoD) issued a long-awaited update to its Cybersecurity Maturity Model Certification (CMMC) program. But what do these changes mean and what compliance actions should...
Get guidance on the top ten most common questions about the FedRAMP process that we hear from cloud service providers (CSPs).
Explore the top guidelines to assist business leaders in understanding and managing cyber risk.
Cynergy Partners and Coalfire board member Jim Pflaging discuss cybersecurity perspectives on President Biden’s recent executive order and 100 days in administration.
This whitepaper dives into how applications can often be subject to unique vulnerabilities that need to be addressed differently than common network vulnerabilities.
In this video we will go over the basics for logging in, creating teams and applications, and importing multiple scan types to easily aggregate vulnerability data into one dashboard view across...
In this video we will talk about how to think about tags for your ThreadFix environment, how to set up tags and tag various items in ThreadFix, and how to use tags for reporting as well as for risk...
Since 2001, Coalfire has worked at the cutting edge of technology to help public and private sector organizations solve their toughest cybersecurity problems and fuel their overall success.
Coalfire helps organizations comply with global financial, government, industry and healthcare mandates while helping build the IT infrastructure and security systems that will protect their business from security breaches and data theft. The company is a leading provider of IT advisory services for security in retail, payments, healthcare, financial services, higher education, hospitality, government and utilities.
The Coalfire Board of Directors provides invaluable guidance for the organization and reflects Coalfire’s dedication to achieving success for our customers.
Coalfire is committed to creating a culture that fosters diversity, inclusion, belonging, and equity.
Coalfire’s executive leadership team comprises some of the most knowledgeable professionals in cybersecurity, representing many decades of experience leading and developing teams to outperform in meeting the security challenges of commercial and government clients. With diverse backgrounds in IT systems security, governmental security, compliance, and reducing risk while implementing the latest enabling technologies (such as the Cloud and IoT), our leaders understand the challenges customers face.
Security is a team game. If your organization values both independence and security, perhaps we should become partners.
With a passion for quality, Coalfire uses a process-driven quality approach to improve the customer experience and deliver unparalleled results.
Created in honor of the late co-founder of Coalfire, the Richard E. Dakin Fund at The Denver Foundation is supporting scholarship programs at several universities for promising college students studying cybersecurity and related fields.
Move forward, faster with solutions that span the entire cybersecurity lifecycle. Our experts help you develop a business-aligned strategy, build and operate an effective program, assess its effectiveness, and validate compliance with applicable regulations.
Adopt our cloud security model as a safeguard
Streamline cloud development with compliant-ready environments
Build in cybersecurity right from the start
Secure your cloud and IT perimeter with the latest boundary protection techniques
Increase customer confidence by promoting your security story
Successfully incorporate security into your DevOps program
Make smart, strategic, and informed decisions about security events
Providing you unparalleled visibility into your security posture
Confirm system protection by quickly and easily running internal and external scans
Discover and remediate critical vulnerabilities before they’re exploited
Boost your defenses by simulating a real-world attack
Maximize security investments and prove their effectiveness
Strengthen your risk and compliance postures with a proactive approach to security
Drive business success through cybersecurity strategy
Strengthen your program by putting our experts to work
Turn privacy into a competitive advantage
Know what risks you’re facing with a merger or acquisition
Uncover the risks present in your organization
Safeguard protected health information and medical devices
Hold vendors and partners to your security standards
Don’t waste critical response time. Prepare for incidents before they happen.
The comprehensive approach to a smarter, faster, and simplified FedRAMP journey
Reduce the operational burden associated with maintaining your FedRAMP boundary
Simplify your path to secure by design. Get security right from the start, reducing risk and accelerating your time to market.
Navigate your path to Cybersecurity Maturity Model Certification
Simplify and streamline DEA EPCS compliance
Assess your systems to DoD RMF standards
Get advisory and assessment services from the leading 3PAO
Reduce IT security risk in financial services
Meet your FISMA authorization needs
Protect health data from threats and vulnerabilities
Receive guidance from an original HITRUST CSF Assessor firm
Build a management system that complies with ISO standards
Understand and address ITAR and EAR security obligations
Protect controlled unclassified information
Validate the security of your payment applications
Shape your overall payments program for current and future security
Protect cardholder data from cyber attacks and breaches
Suspect a cardholder data breach? Contact us now.
Simplify and optimize PCI compliance in the cloud
Secure data as soon as it’s entered into a point device
Provide the strongest validation of your PCI program
Maintain trust and confidence across your organization’s security and financial controls
Demonstrate your commitment to cybersecurity
Use our cloud-based platform to simplify compliance, reduce risks, and empower your enterprise’s security
Manage and simplify your compliance projects and assessments with Coalfire through an easy-to-use collaboration portal
Quickly configure and manage requirements for internal and external vulnerability scanning and PCI ASV scans
Maintain and improve security with year-round visibility and proactive management of your compliance program
Spend less time manually correlating results and more time addressing security risks and vulnerabilities.
While cybersecurity is a priority for enterprises worldwide, requirements differ greatly from one industry to the next. Coalfire understands industry nuances; we work with leading organizations in the cloud and technology, financial services, government, healthcare, and retail markets.
Coalfire can help cloud service providers prioritize the cyber risks to the company and find the right cyber risk management and compliance efforts that keep customer data secure and help differentiate products.
"Success" at a government entity looks different than at a commercial organization. Create cybersecurity solutions to support your mission goals with a team that understands your unique requirements.
The financial services industry was built upon security and privacy. As cyber-attacks become more sophisticated, a strong vault and a guard at the door won’t offer any protection against phishing, DDoS attacks and IT infrastructure breaches.
The continuum of care is a concept involving an integrated system of care that guides and tracks patients over time through a comprehensive array of health services spanning all levels of care. Interoperability is the central idea of this care continuum, making it possible to have the right information at the right time for the right people to make the right decisions.
Maintaining network and data security in any large organization is a major challenge for information systems departments. However, in the higher education environment, the protection of IT assets and sensitive information must be balanced with the need for ‘openness’ and academic freedom, making this a more difficult and complex task.
When it comes to cyber threats, the hospitality industry is not a friendly place. Hotels and resorts have proven to be a favorite target for cyber criminals who are looking for high transaction volume, large databases and low barriers to entry.
The global retail industry has become the top target for cyber terrorists, and the impact of this onslaught has been staggering to merchants. To secure the complex IT infrastructure of a retail environment, merchants must embrace enterprise-wide cyber risk management practices that reduce risk, minimize costs and provide security to their customers and their bottom line.
Private enterprises serving government and state agencies need to be held to the same information management practices and standards as the organizations they serve. Coalfire has over 16 years of experience helping companies navigate increasingly complex governance and risk standards for public institutions and their IT vendors.
Technology innovations are enabling new methods for corporations and governments to operate and driving changes in consumer behavior. The companies delivering these technology products are facilitating business transformation that provides new operating models, increased efficiency and engagement with consumers as businesses seek a competitive advantage.
Cybersecurity has entered the list of the top five concerns for U.S. electric utilities, and with good reason. According to the Department of Homeland Security, attacks on the utilities industry are rising "at an alarming rate".
Get valuable insight into what matters most in cybersecurity, cloud, and compliance. Here you’ll find resources – including research reports, white papers, case studies, the Coalfire blog, and more – along with recent Coalfire news and upcoming events.
Written by Coalfire's leadership team and our security experts, the Coalfire Blog covers the most important issues in cloud security, cybersecurity, and compliance.
Find information that can help you approach cybersecurity programmatically. Explore our research reports, white papers, on-demand webinars, videos, case studies, and more.
Stay up-to-date with all things Coalfire. Find upcoming events and webinars. See what’s new with your cybersecurity partner. And read the latest media coverage.
The Coalfire Research and Development (R&D) team creates cutting-edge, open-source security tools that provide our clients with more realistic adversary simulations and advance operational tradecraft for the security industry.