Measuring success

"Measuring success"

Compliance Programs

Information Security

Business Optimization

Strategic Initiatives

 

Vendor Risk Management

   metriQuality helps you respond efficiently to multiple vendor assessments, and we also issue assessments on your vendors.
see more...

Achieve regulatory compliance for SOX, HIPAA, PCI, GLB, FERC/NERC, and more.

Corporate Risk & Compliance Governance

   Manage risks which threaten your business goals -- and use our corporate compliance program to gauge how well your actions remediated these risks.
see more...


Data Governance

   Imagine that your company's data magically turned into hard currency overnight: How much do you have? Where is it all going? Who can see it? Our compliance program for data governance monitors how well your team manages data flows.
see more...

User Behavior Analytics can:

  • Monitor use, Detect suspicious activity, Alert on abuse
  • Alert on changes to important configuration files, unauthorized access to sensitive files and folders, anomalous behavior, malware, privilege escalations, and access denied events.
  • Automatically detect and correct violations of change control policies

Security Vulnerability Assessments

   Penetration testing is often included in, but should never be confused with, vulnerability assessments.

   Limitations of penetration tests include the agreed-upon scope, the ability of pen testers, and the fact that these tests are performed on live, production systems without negatively impacting normal operations.

   A good vulnerability assessment should identify critical assets to target, possible attack vectors, and in stark contrast to "black-box" penetration testing, advance knowledge of network infrastructure, security tools and controls, and intimate knowledge of business processes including customer and employee behavior.
see more...


Application Security Lifecycle Guidance

   Even the most secure coding practices can be wasted without a good change management process.

   Jason Chan, a security manager at Netflix, recently shared some great tips on monitoring configuration changes, in which DevOps are given the freedom to change what they want on-the-fly without getting permission in advance.
see more...