Panorays’ Blog

Security Frameworks

Learn about the latest research and happenings in TPCRM
Blog > Security Frameworks
Vendor Due Diligence Checklist
Dov Goldman
3 May, 2026

Cyber Security Governance: Frameworks, Strategies, and Best Practices

Every year, your digital estate gets more complex. Cloud-native stacks blend with sprawling SaaS portfolios and AI-driven…
NIST Cybersecurity Framework
Ahikam Harush
23 April, 2026

A Practical Guide to the NIST AI Risk Management Framework: How to Implement Trustworthy AI and Manage Vendor Risk

AI is moving from pilot to production across every team and tech stack. That speed brings new failure modes. Model drift skews outcomes. Opaque decisions erode…
NIST Cybersecurity Framework
Ahikam Harush
15 April, 2026

The NIST Cybersecurity Framework (CSF) and TPRM

With the increasing use of artificial intelligence (AI), emphasis on cloud-first strategies and rising reliance on third-party services and technologies, organizations must have a defense plan…

Panorays logo

Take Control of Your
Third-Party Security

Get Started Free
Transition to Cloud Infrastructure
Dov Goldman
28 February, 2026

The Role of Cloud Security Posture Management Tools…

Cloud adoption keeps accelerating, and that's exactly where the challenge begins. Your…
Ahikam Harush
1 December, 2025

Panorays Earns ISO/IEC 42001 Certification: What It Means…

AI is officially everywhere in cybersecurity, from how we evaluate vendors to…
Residual Risk
Demi Ben-Ari
8 October, 2025

What Does Residual Risk Mean in the Risk…

5 Key Things You Need to Know About Residual Risk Residual risk…
How to implement zero trust
Demi Ben-Ari
24 August, 2025

Zero Trust vs Least Privilege: Which Should Come…

As cyber threats grow more sophisticated, identity-driven security models like Zero Trust…
Shorten the Vendor Sales Cycle
Demi Ben-Ari
1 May, 2025

Building an Effective Vendor Management Framework for Your…

Businesses today rely on a growing network of third-party vendors to support…
Center for Internet Security CIS
Brooke VanHest
4 June, 2024

How Security Controls Help Manage Third-Party Risk

Information security controls are actions an organization takes to protect against unauthorized…
DNSSEC
Demi Ben-Ari
15 April, 2024

DNSSEC: What Is It and Why Is It…

DNSSEC is a security protocol that adds public key cryptographic signatures to…
FISMA
Dov Goldman
31 March, 2024

What is FISMA and How Does it Protect…

FISMA, or the Federal Information Security Management Act, was first legislated in…
NIST Cybersecurity Framework
Dov Goldman
7 March, 2024

News in TPRM: NIST Releases Cybersecurity Framework 2.0

On February 26, the National Institute of Standards and Technology released the…
What is HECVAT - Higher Education Community Vendor Assessment Toolkit
Dov Goldman
23 February, 2024

What is HECVAT? Vendor Assessment in Higher Education

HECVAT, also known as the Higher Education Community Vendor Assessment Toolkit, is…
Information Leakage
Dov Goldman
16 August, 2023

Understanding Information Leakage: What You Need to Know

In the midst of the global pandemic when its use was at…
SIG
Dov Goldman
29 May, 2023

What is a SIG and How is it…

Learn about SIG: Third-party security questionnaire repository for information gathering.

Featured Authors

The Fastest and Easiest Way
to Do Business Together, Securely

Get a Demo