Endpoint Cybersecurity GmbH
- EU Cyber Resilience Act (CRA) – Overview
- From Idea to Proof of Concept to MVP – 3 article series
- From Idea to Proof of Concept to MVP: The Minimum Viable Product – MVP (3/3)
- From Idea to Proof of Concept to MVP: The POC stage (2/3)
- From Idea to Proof of Concept to MVP: The Idea stage (1/3)
- Delivering often in small increments with Scrum
- Navigating AI Standards and Regulations
- Policy vs Standard vs Procedure: why, what, how
- Comparing Annex A in ISO/IEC 27001:2013 vs. ISO/IEC 27001:2022
- NIS2 Fulfillment through TISAX Assessment and ISA6



From Idea to Proof of Concept to MVP: The Idea stage (1/3)
/in Educational
This is a developer-focused guide in three parts to evolving code, architecture, and processes with the purpose of turning a raw concept into a usable product. This process is […]
Delivering often in small increments with Scrum
/in Educational
Agile software development, particularly using Scrum, has revolutionized the way software is built and delivered. At its core, Agile embraces iterative and incremental development, a stark contrast to traditional “waterfall” methodologies. The primary objective is to deliver working software frequently and in small increments, ensuring continuous feedback, adaptability, and rapid value delivery. However, we know […]
Navigating AI Standards and Regulations
/in Educational
Note: This post is written with a lot of help from AI, used to summarize the standards mentioned below. Artificial intelligence (AI) is reshaping industries, but it also brings new risks. From security vulnerabilities to compliance challenges, organizations must balance innovation with responsibility. New standards have been created and newer ones are emerging to guide this […]
Policy vs Standard vs Procedure: why, what, how
/in Educational
Ever wondered what the differences between these terms are? We use them in GRC very often, but we rarely think about what they mean. Over time, this stretches the concepts, so that their meanings overlap to a certain degree. A Policy is a high-level, mandatory statement of principles and intent. A Standard […]
Comparing Annex A in ISO/IEC 27001:2013 vs. ISO/IEC 27001:2022
/in Educational
I wrote this article ages ago, where I briefly compared Annex A in the two versions of the standard: https://www.sorinmustaca.com/annex-a-of-iso-27001-2022-explained/ But I feel that there is still a need to detail the changes a bit, especially now that more and more businesses are forced to re-audit for the newer standard. Overview of Annex A […]