Compliance Knowledge Hub

Security Frameworks & Compliance

Understand what it takes to achieve compliance with major security frameworks. Each guide covers requirements, steps to certification, and which policies you need.

ISO 27001
ISO/IEC 27001

The global gold standard for information security management

Time to cert: 6–12 months
Cost: $15,000–$50,000+
Difficulty: High
Policies: Information Security Policy, Access Control Policy, Password Policy, Data Classification Policy, Incident Response Plan, Acceptable Use Policy, +5 more
SOC 2
SOC 2 Type II

The trust standard for SaaS and service organizations

Time to cert: 4–9 months
Cost: $20,000–$100,000+
Difficulty: High
Policies: Information Security Policy, Access Control Policy, Password Policy, Incident Response Plan, Change Management Policy, Vendor Risk Management Pol…, +3 more
NIST CSF
NIST Cybersecurity Framework

The US federal standard for managing cybersecurity risk

Time to cert: 3–6 months
Cost: $5,000–$30,000
Difficulty: Medium
Policies: Information Security Policy, Access Control Policy, Incident Response Plan, Backup & Disaster Recovery…, Change Management Policy, Vendor Risk Management Pol…, +1 more
GDPR
General Data Protection Regulation

The EU's comprehensive data privacy regulation

Time to cert: 3–9 months
Cost: $10,000–$50,000+
Difficulty: High
Policies: Data Classification Policy, Data Retention & Disposal …, Incident Response Plan, Vendor Risk Management Pol…, Access Control Policy, Acceptable Use Policy, +2 more
HIPAA

US healthcare data privacy and security standard

Time to cert: 6–12 months
Cost: $20,000–$80,000+
Difficulty: Very High
Policies: Information Security Policy, Access Control Policy, Password Policy, Data Classification Policy, Incident Response Plan, Backup & Disaster Recovery…, +4 more
PCI DSS
PCI DSS v4.0

Payment card industry data security standard

Time to cert: 3–12 months
Cost: $5,000–$200,000+
Difficulty: High
Policies: Information Security Policy, Access Control Policy, Password Policy, Change Management Policy, Incident Response Plan, Vendor Risk Management Pol…, +2 more