Codific
  • Customers
    • Zebra Technologies
    • Sigma Software Group
    • Sign In Solutions
    • Approach Cyber
    • All Customer Stories
  • Solutions
    • AppSec Management with SAMMY
    • GRC Management with SAMMY
    • Ed-Tech and HR-Tech
      • Secure Video Sharing with Videolab
      • Student Attendance Tracking with Attendance Radar
      • Survey Analysis Automation with SARA
  • Services
    • OWASP SAMM Assessments
    • OWASP SAMM Training
    • OWASP SAMM Guidance
  • Company
    • Our Story
    • Who We Are
    • Codific @ OWASP
    • Codific @ OWASP Global AppSec Washington D.C. 2025
    • Careers
  • Partners
    • Implementation Partners Program
      • Partner Success Story
    • Recommended Vendors Program
      • Our Recommended Vendors
    • Academic Application Security Program
  • Insights
    • Blog
    • The AppSec Management Podcast
    • Application Security Science
    • Press Coverage
  • Contact
  • Go to SAMMY

Compliance

Home Compliance
Nearly everything is in scope for the CRA except for SaaS

01

Dec

How to prepare for the CRA

  • Aram Hovsepyan
  • Application Security, Compliance, CRA, Cyber Resilience Act, Cybersecurity

The upcoming Cyber Resilience Act (CRA) is a EU regulation that was published on November […]

Read Article
NIS 2 Blog featured image

27

Nov

NIS 2 Directive: Compliance Guide, Fines & Scope

  • Nicolas Montauban
  • Application Security Management, Compliance, Cybersecurity, Information Security

The warning shots are over. The NIS 2 Directive is live, and enforcement has begun.[…]

Read Article
Cybersecurity Fundamentals framework in one view

12

Jan

What Is CyFun and How to Implement It?

  • Aram Hovsepyan
  • Compliance, Cybersecurity

Introduction In this blog, we will focus on helping you understand what is Cybersecurity Fundamentals[…]

Read Article
How to implement NIST 800-53

19

Dec

How to implement NIST 800-53

  • Nicolas Montauban
  • Compliance, Cybersecurity, Implementation, NIST, NIST 800-53, Security Controls

Navigating the complexities of cybersecurity frameworks can be challenging, but understanding how to implement NIST[…]

Read Article
A visually modern illustration of a secure digital network with interconnected nodes and locks symbolizing cybersecurity controls, representing the comprehensive protection offered by frameworks like NIST 800-53.

19

Dec

What is NIST 800-53? A comprehensive guide

  • Nicolas Montauban
  • Compliance, Cybersecurity, NIST, NIST 800-53, Security Controls

In the evolving landscape of cybersecurity, organizations face the challenge of protecting their systems and[…]

Read Article
HIPAA compliance

12

Dec

HIPAA Implementation: A Guide to Compliance

  • Mahe Pereira
  • Compliance, Cybersecurity, Privacy by Design, Security

HIPAA, the Health Insurance Portability and Accountability Act of 1996, is a critical federal law[…]

Read Article
Mappings to OWASP SAMM

07

Dec

NIST 800-53 and NIST 800-171: Key Differences

  • Aram Hovsepyan
  • Compliance, Cybersecurity, NIST SSDF, Privacy by Design, Security, Software security

The U.S. cybersecurity strategy seems to be lightyears ahead of the EU. I strongly believe[…]

Read Article
fisma

22

Nov

What is FISMA and how to comply with it

  • Aram Hovsepyan
  • Application Security, Compliance, Cybersecurity

What is FISMA and why is it important? The Federal Information Security Modernization Act (FISMA)[…]

Read Article

Building a simple and safe digital future

This website runs on green hosting - verified by thegreenwebfoundation.org
  • Visit Codific's LinkedIn channel (opens in a new tab)
  • Visit Codific's YouTube channel (opens in a new tab)
  • Spotify

Main Focus

Application Security Application Security Management Compliance Cybersecurity NIST SSDF OWASP OWASP SAMM SAMM Secure Software Development Security Software security SSDLC

Recent Post

  • Nearly everything is in scope for the CRA except for SaaS

    December 01, 2025

    How to prepare for the CRA

    December 01, 2025

  • NIS 2 Blog featured image

    November 27, 2025

    NIS 2 Directive: Compliance Guide, Fines & Scope

    November 27, 2025

  • OWASP ASVS Blog Illustration for Featured Image

    November 25, 2025

    OWASP ASVS: A Comprehensive Overview

    November 25, 2025

In the Spotlight

  • SAMMY
  • The AppSec Management Podcast
  • Secure Video Sharing with Videolab
  • Attendance Radar
  • SARA
  • Terms & Conditions
  • Imprint
  • Cookie Policy
  • Privacy Statement

Codific ® 2025. All rights reserved.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}