Security News

Which works to detect and compare configuration changes to servers, databases, and applications, now integrates a policy compliance engine aimed at helping IT teams simplify and more efficiently achieve compliance and compliance reporting, with an initial focus on the federal space. By integrating a policy compliance engine focused on select STIG policies, makes it easier for federal IT pros to automatically check systems and applications for STIG compliance, deliver clear and quick compliance results for auditing purposes, and identify non-compliant elements for more efficient remediation.

MemSQL announced that Thentia is launching MemSQL as the core operational database for its cloud-based regulatory licensing, assurance and enforcement technology. MemSQL's speed and scale will enable Thentia to achieve fast response times and automate a historically paper-based regulatory compliance process.

A group of academics from three German universities has decided to investigate whether and how mobile app vendors respond to subject access requests, and the results of their four-year undercover field study are dispiriting. "In three iterations between 2015 and 2019, we sent subject access requests to vendors of 225 mobile apps popular in Germany. Throughout the iterations, 19 to 26 % of the vendors were unreachable or did not reply at all. Our subject access requests were fulfilled in 15 to 53 % of the cases, with an unexpected decline between the GDPR enforcement date and the end of our study," they shared.

Sourcepoint has formed a relationship to help Oracle customers protect consumer privacy and manage compliance and user consent. Sourcepoint offers a fully customizable compliance management platform that allows companies to capture, manage, and optimize customer privacy preferences across a range of channels, including web, apps, AMP, and even emerging areas such as OTT and audio.

As part of the collaboration, Wipro will offer SIMM-in-a-box to financial institutions covered under Uncleared Margin Rules. The offering will allow financial institutions to calculate trade sensitivities, generate CRIF file and calculate initial margin in-house.

ACA Compliance Group announced the launch of the mobile app version of its ComplianceAlpha platform for risk and compliance management. Designed to provide financial services firms with an on-the-go hub for compliance management, communication, resources, thought leadership, and future ComplianceAlpha functionality, ACA's ComplianceAlpha mobile app provides both employees and compliance teams with an easier, more accessible compliance experience.

The enterprise-trusted, build-to-production container security solution now includes extensive compliance reporting and enforcement for PCI DSS, GDPR, and other industry and government standards, as well as new workflows specifically designed to make it easy for DevOps teams to track critical vulnerabilities and to ensure - and prove - compliance. With a single click, DevOps teams can enable NeuVector's pre-configured compliance templates to identify any potential industry compliance issues and generate audit reports for PCI DSS, GDPR, and other stringent - and often changing - data security regulations.

BDO USA announced the launch of a new integrated solution that helps organizations develop and maintain a comprehensive data governance, risk management and compliance program. BDO's Compliance Center allows companies to maximize the utility of their Microsoft suite by providing complementary services through each step of the compliance and information risk management process, from data discovery and initial gap assessments, to controls implementation, ongoing monitoring and enforcement.

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life and support on June 30, 2020, and that those were the final security patches available for Magento Commerce 1.14 and Magento Open Source 1. "If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site's security and PCI DSS compliance," Adobe warned.

ZL Technologies announced enhancements to the ZL UA Compliance platform that significantly strengthen the email review process for compliance departments. A flexible review pipeline for compliance departments, ensuring flagged communications are defensibly managed.