E Com Security Solutions: Security Blog

The Official Security Blog of E Com Security Solutions for advancing the security capabilities of leading businesses and organizations throughout the world.


Benefits and Applicability of SOC 2 Reports

Third party organisations that successfully complete a SOC 2 audit can offer their clients reasonable assurance that an independent reviewer has assessed their controls that relate to operations and compliance; and they meet the criteria prescribed by AICPA for the five TSCs. The report helps to prioritise risks in order [...]

October 31st, 2019|Categories: SOC 2|Tags: , , , |

Enhanced SOC 2 Reports

Enhanced SOC 2 reports are highly flexible tools that can incorporate multiple frameworks and industry standards into third-party assurance reporting. For Outsourced Service Providers (OSP’s), the benefits are even more significant. Consider that these businesses must often respond annually to hundreds of individual audit requests, customer questionnaires, and requests for [...]

October 31st, 2019|Categories: SOC 2|Tags: , , , |

SOC Reporting options

When considering the broad spectrum of services provided by outsourced service providers in today’s marketplace, some service types lend themselves clearly to one SOC reporting option over another. To best understand the reporting options, it’s important to consider the intended use and audience in each case.  There are three SOC [...]

October 31st, 2019|Categories: SOC 2|Tags: , , , |

Secure Your Apps with E Com Mobile App Security Testing Checklist

Like all software, mobile apps often contain vulnerabilities (introduced by errors in design or implementation or by malicious intent) that can expose a user, a mobile device and its data or enterprise services or its data to attacks. Any one of many simple errors that a developer can make potentially [...]

September 16th, 2019|Categories: Cyber Security|

Joker Malware Infects 500K Users In 24 Android Apps On Google Play

A new Android malware called Joker (after the manic Batman villain) has been discovered which can gain access to a victim’s SMS messages, contacts list, and other specific device information. It can also sign victims up for premium subscription services without their knowledge. The malware has been reported to have [...]

September 10th, 2019|Categories: Cyber Security|