Resources
The substance, published openly.
Plain-spoken guides, articles and checklists on compliance, testing and managed security: the kind of answers we'd give in a first call. Choose a section below to get started.
Guides & downloads
Whitepapers, checklists, and guides with formatted PDFs to take away. We publish the substance openly.
Browse downloads
Articles
Short, plain-spoken answers to the compliance and testing questions buyers actually ask.
Read articles
Interactive tools
Quick, interactive checks you can run yourself to baseline compliance readiness, vendor risk, security budget ROI, and maturity.
Run checks
Latest articles.
- Compliance · guide
ISO 27001: a practical guide to information security management
ISO 27001 is a management system, not a checklist. Here are the core principles and a seven-step path from gap analysis to certification.
- Assessment · article
Is penetration testing manual or automated? (Both.)
Scanners give you coverage. People find the business-logic and chained flaws that sink a deal. Good testing uses both.
- Compliance · article
SOC 2 Type I vs Type II: which one do you need?
Type I proves your controls are designed right at a point in time. Type II proves they actually work over a period. Here is how to choose.