Cybersecurity

Cybersecurity articles and notes.

The Value of a Business Impact Analysis

The risk of playing security guesswork.

David Galiata

Mar 18, 2024

3 min read

cybersecuritybusinessrisk-managementbia

Collaboration, Communication, and Culture in Cybersecurity

How building trust, communication, and shared ownership transforms security from a technical task into an organizational culture.

David Galiata

Oct 30, 2025

6 min read

cybersecuritysaasai securitysecurity culture

CVE CVSS and KEV Explained

CVE CVSS and KEV Building Your Vulnerability Management Foundation

David Galiata

Jun 23, 2025

4 min read

cybersecuritycvecvsskev

A New Approach to SaaS Security

Taking a look at a new approach to securing SaaS applications with complete visibility and control.

David Galiata

Oct 19, 2023

2 min read

cybersecuritysaas

Understanding the OWASP Top 10

Understanding the OWASP key web application security risks and how to mitigate them.

David Galiata

Jul 27, 2024

4 min read

cybersecuritycloud

Responding to Events in the Cloud

A framework for responding to alerts in the cloud and maintaining operational excellence.

David Galiata

Feb 8, 2024

8 min read

cybersecuritysaas

Access Control Gaps Lead To Data Breaches

Overly permissive users lead to Salesforce data breach and the importance of SSPM solutions.

David Galiata

Dec 18, 2023

2 min read

cybersecuritysaas

The Anatomy of SSPM Checks

Exploring the crucial components within SSPM security checks and how they secure SaaS environments.

David Galiata

Apr 8, 2024

3 min read

cybersecuritysaas

SaaS Termination

What to look for when you are ending a SaaS contract to maintain security and compliance.

David Galiata

Feb 22, 2024

3 min read

cybersecuritysaas

SaaS Vendor Security Checklist

A checklist to assess SaaS vendor security during the due diligence process.

David Galiata

Nov 3, 2023

2 min read

cybersecuritysaas

Integrating a New System into an Existing Security Boundary

Ensure a secure and compliant integration when introducing a new system into an existing security boundary.

David Galiata

May 6, 2024

3 min read

cybersecurity

A Cybersecurity Program Framework

A reusable starting point for building a cybersecurity program using Assess, Manage, and Validate pillars.

David Galiata

Feb 14, 2024

3 min read

cybersecurity

Software Development Life Cycle (SSDLC) in Cloud Security

Integrating security into every phase of cloud software development with SSDLC best practices.

David Galiata

Sep 26, 2024

4 min read

cybersecurity