Articles tagged with: #iso-27001
EXIN ISO 27001 Certifications and Coursera IBM courses- any experience?

cybersecurity www.reddit.com

Hello! As I plan my transition to the GRC field, I am curious if you have any experience with EXIN certifications. I am considering taking their ISO 27001 Foundation exam and would like to know your opinion on EXIN certifications, if there is any. Additionally, what is your opinion on IBM's Cybersecurity Compliance Framework, Standards & Regulations course on Coursera? Is it any good? Thanks. submitted by /u/Worried-Attention-43

Free ISO 27001 Mandatory Documents Toolkit & Guidance

cybersecurity www.reddit.com

Hi. If you would like my 27001 Info Sec documentation toolkit (something I personally have used many times), which contains all the mandatory documents from the main clauses, then you can get it here: https://iseoblue.com/information-security/ I've also documented all the 27001 requirements/clauses and controls. I've even created an implementation guide there - step-by-step how to for 27001. It's all free, without signup (apart from the toolkit itself). I hope it helps.

Free Cybersecurity Training & Certifications (2025 Edition)

cybersecurity www.reddit.com

Hey everyone 👋 I've pulled together a list of free cybersecurity training programs & certifications you can use to build your skills and strengthen your resume: Fortinet Fundamentals Fortinet Associate IBM QRadar Foundation OWASP Top 10 Hacksplaining CTI 101 (Cyber Threat Intelligence) Dark Web Fundamentals ISO 27001 ISMS (Skill Front) Qualys VM Foundation Security Blue Team - Junior Analyst Pathway ✅ All of these are completely free to access - great for both beginners and professionals...

Doubts about Docker's ISO 27001 certification and lack of transparency

cybersecurity www.reddit.com

Hi everyone, Docker has been claiming ISO 27001 certification since April 2024. However, I haven't been able to find any publicly available certificate documents, unlike with other providers (e.g. AWS). Multiple inquiries through official channels have gone unanswered. This is unusual, since ISO 27001 certificates don't contain sensitive information and are normally made accessible either directly by the company or via the certification body. Does anyone have access to Docker's ISO 27001...

Which compliance frameworks best represent secure coding, IaC controls, and developer skills on OWASP Top 10?

cybersecurity www.reddit.com

I'm currently exploring how to map and measure security practices across three areas:
- Secure code controls (static analysis, secure coding guidelines, etc.)
- Infrastructure-as-Code security (Terraform, Kubernetes, cloud-native IaC scanning)
- Developer skills and awareness around the OWASP Top 10
My goal is to identify which compliance or maturity frameworks are most relevant for representing these domains in a structured way. For example, should I look at NIST SSDF, ISO 27001, SOC 2, CIS...

Certification

cybersecurity www.reddit.com

Hello guys, I would love to ask a few questions since I'm very new to this career path of cyber security. I would love to know if you have any tips on where and with which academy (online training) I could pass the ISO 27001 certification and the CompTIA Security+. Any information and tips are welcome. 🤗 submitted by /u/Mirrabarro

Key cybersecurity controls

cybersecurity www.reddit.com

With the way the risk landscape keeps shifting - AI, supply chain, geopolitics, regulatory pressure, ransomware, etc - I've been reflecting on frameworks and the controls they prioritise. 👉 If you had to call out the top three controls that absolutely should be in a framework today, what would they be? 👉 And just as importantly, what controls do you think are missing or under-emphasised in the common frameworks (ISO 27001, NIST CSF, COBIT, etc.)? Curious to hear from practitioners across...

I got my first CISO job. Advice please

cybersecurity www.reddit.com

Hello everyone, I just received an offer for my first CISO role. I have 6 years of experience as an ISO, mostly on the GRC side. I also hold CISSP and ISO 27001 LI certifications. The company is a startup with around 250 people, and I'll be the only person responsible for security and for maintaining ISO 27001 certification. Their tech stack is AWS, PHP, and React.js. Since this will be my first CISO position, I'd like to prepare as much as possible before starting in 2.5 months. What books or...

Here's an official link to buy ISO standards at a fraction of a cost

cybersecurity www.reddit.com

The Estonian organization of standards (ISO national member) offers ISO standards far cheaper here https://www.evs.ee/en (change language to ENG from above on the right). You'd only have the word EVS- before the standard; fully official from the source. For example, ISO 27001 is 20 EUR instead of 140 EUR on ISO approx (that's an 85% discount!). Hope that helps! submitted by /u/Raf_Adel

10 Mistakes You Should Avoid Before Your ISO 27001 or SOC2 Audit

cybersecurity www.reddit.com

After 20 years in cybersecurity, I've been through several compliance audits. Early in my career, I thought audit success was just about having good security controls. I was wrong. I've identified the patterns that separate smooth audits from audit disasters.
Mistake #1: Not Setting Clear Boundaries and Expectations Upfront
What I Used to Do Wrong: Let auditors drive the entire process and timeline without pushback.
What Actually Happens: Auditors start requesting everything under the sun. "Can...

Vanta vs Drata - vCISO Review

cybersecurity www.reddit.com

I see some questions here and in other communities asking the same thing: "What's better for SOC 2 or ISO 27001: Vanta or Drata?" Honestly, it's the wrong question. The problem is, they compare feature lists, which is the wrong way to look at it. Choosing a platform that doesn't fit your company's DNA can lead to a ton of wasted engineering hours, blown budgets, and deal delays. Instead of asking "which tool is better?", I tell founders to use a simple "Right-Fit Framework" based on three...