Azure WAF (Well-Architected Framework) Framework & Security Pillar – Security (Principles, Checklists, Tradeoffs)
The Azure Well-Architected Framework (WAF) is a set of quality-driven tenets, architectural decision points, and review tools intended to help solution architects build a technical foundation for their workloads. The…
Install Steampipe Azure Compliance Mod for Azure Compliance (CIS, HIPAA, HITRUST, PCI DSS)
Steampipe is an open source CLI to instantly query cloud APIs using SQL. Steampipe Mods are collections of named queries, codified controls that can be used to test current configuration…
Zero Trust Model, Architecture & Implementation
Zero trust architectures are constructed on the basis that there is no secure perimeter. Instead, every event and connection is considered untrusted and potentially malicious. The goal of zero trust…
Everything about SOC 2 Type I
SOC 2 controls are based on the Trust Services Criteria deemed applicable to your organization. A SOC 2 report focuses on non-financial criteria related to security, availability, confidentiality, processing integrity,…
Canadian Cybersecurity and Privacy Framework
In Canada, the cybersecurity legal landscape is governed by various laws including privacy, anti-spam, criminal liability, and intellectual property:
CyberSecurity Review Resources for SaaS / PaasS & Other IT Solution
This post collects some useful resources to have a proper CyberSecurity review to any SaaS, PaaS, and other IT solutions.
Risk Management Knowledges
Governance is at the centre of effective technology risk management. Those charged with governance should work with the management team to develop and oversee the firm’s technology strategy and risk…
[Cybersecurity Architecture] Risk Management
Governance is at the centre of effective technology risk management. Those charged with governance should work with the management team to develop and oversee the firm’s technology strategy and risk…
TOGAF Knowledges Collection
TOGAF®, an Open Group standard, is a proven enterprise architecture methodology and framework used by the world’s leading organizations to improve business efficiency. TOGAF® helps practitioners avoid being locked into…
Cybersecurity Governance Overview
Cybersecurity governance refers to the component of governance that addresses an organization’s dependence on cyberspace in the presence of adversaries. The ISO/IEC 27001 standard defines cybersecurity governance as the following:…
Cybersecurity Architecture Knowledge Overview
What is Cybersecurity Architecture: The practice of designing computer systems to ensure the security of underlying data.