Blog

Insights and expertise from Thoropass

Latest posts

  • Product

Introducing Three New Frameworks: NIST CSF, CMMC Level 1 and Cyber Essentials

At Thoropass, we believe compliance should enable progress—not slow it down. That’s why we’re constantly expanding our framework library to meet customers where they are and help them scale…
Read Article icon-arrow
  • Compliance

Cybersecurity risk management: Strategic approaches for enterprise protection

For mid-size enterprises, cybersecurity risk management has evolved beyond a simple compliance checkbox into a strategic business imperative. As threats grow more sophisticated and regulatory requirements multiply, large organizations…
Read Article icon-arrow
  • Compliance

SOC 2 audit transformation: A modern approach to continuous compliance

For enterprises managing complex technology stacks and sensitive data, SOC 2 audits have become a critical yet increasingly burdensome aspect of maintaining customer trust and market access. The traditional…
Read Article icon-arrow
  • Compliance

Preparing for PCI DSS v4.0.1 Audit: Essential updates for 2025 compliance

User interacts with a payments dashboard
As PCI DSS v3.2.1 nears its retirement on March 31, 2024, understand the new and updated requirements of PCI DSS 4.0 and best practices for your organization to ensure a seamless transition.
Read Article icon-arrow
User interacts with a payments dashboard
  • News and Events

Thoropass Recognized as a Leader in the G2 Spring 2025 Grid Reports Across Multiple Categories

Thoropass has once again been named a Leader in G2’s Spring 2025 Grid Reports across multiple categories! While the badges provide welcome recognition, what truly energizes us is the…
Read Article icon-arrow
  • Compliance

Cybersecurity risk management: Strategic approaches for enterprise protection

For mid-size enterprises, cybersecurity risk management has evolved beyond a simple compliance checkbox into a strategic business imperative. As threats grow more sophisticated and regulatory requirements multiply, large organizations…
Read Article icon-arrow
  • Compliance

SOC 2 audit transformation: A modern approach to continuous compliance

For enterprises managing complex technology stacks and sensitive data, SOC 2 audits have become a critical yet increasingly burdensome aspect of maintaining customer trust and market access. The traditional…
Read Article icon-arrow
  • Compliance

Preparing for PCI DSS v4.0.1 Audit: Essential updates for 2025 compliance

User interacts with a payments dashboard
As PCI DSS v3.2.1 nears its retirement on March 31, 2024, understand the new and updated requirements of PCI DSS 4.0 and best practices for your organization to ensure a seamless transition.
Read Article icon-arrow
User interacts with a payments dashboard
  • Compliance

Pentesting or Vulnerability Scanning: Which should you choose?

With cyber attacks becoming increasingly sophisticated and compliance standards more stringent, organizations face mounting pressure to verify their security measures actually work and not just exist on paper. As…
Read Article icon-arrow
  • Compliance

Transform Your PCI DSS Audit: A Smoother Approach to Payment Security Compliance

Payment security compliance has evolved far beyond an annual checkbox exercise. Organizations face mounting pressure to protect cardholder data across increasingly complex technology stacks, while simultaneously managing multiple compliance…
Read Article icon-arrow
  • Product

Introducing Three New Frameworks: NIST CSF, CMMC Level 1 and Cyber Essentials

At Thoropass, we believe compliance should enable progress—not slow it down. That’s why we’re constantly expanding our framework library to meet customers where they are and help them scale…
Read Article icon-arrow
  • Product

Introducing Thoropass Multi-Workspace: Manage Complex Compliance Programs with Ease

As businesses grow, managing compliance across multiple products, regions, and teams becomes increasingly complex. Traditional methods involve juggling separate compliance programs, duplicating work, and struggling with fragmented oversight.  That’s…
Read Article icon-arrow
  • Product

First Pass AI: Transforming audit readiness with AI-driven evidence verification

First Pass AI -Blog-Header-
If you’ve ever navigated the maze of infosec audits, you know the drill: painstaking manual QA, weeks of back-and-forth with auditors, and the constant dread of rejection. Compliance teams…
Read Article icon-arrow
First Pass AI -Blog-Header-
  • Product

Four new frameworks from Thoropass: HIPAA, HITRUST, and ISO changes to streamline your compliance 

Four new frameworks from Thoropass: HIPAA, HITRUST, and ISO changes to streamline your compliance 
Read Article icon-arrow
  • Product

Introducing support for 23 NYCRR Part 500:  Enhance cyber governance, mitigate risks, and protect your business from cyber threats

nycrr part 500 blog header
Thoropass now supports 23 NYCRR Part 500 cybersecurity regulation! Thoropass’ end-to-end compliance and audit solution can now guide you through the entire process. With everything in one place, achieving…
Read Article icon-arrow
nycrr part 500 blog header
  • News and Events

Thoropass Recognized as a Leader in the G2 Spring 2025 Grid Reports Across Multiple Categories

Thoropass has once again been named a Leader in G2’s Spring 2025 Grid Reports across multiple categories! While the badges provide welcome recognition, what truly energizes us is the…
Read Article icon-arrow
  • News and Events

Thoropass deepens HITRUST partnership, streamlining your path to certification

Today we’re announcing a major expansion of our partnership with HITRUST that will make it even easier for organizations to achieve and maintain their HITRUST certifications.  Since 2022, Thoropass…
Read Article icon-arrow
  • News and Events

Thoropass recognized as a leader in the G2 Winter 2025 Grid Reports including Audit Management, Cloud Compliance, and more

We’re thrilled to announce that Thoropass has been recognized as a Leader in an impressive 16 G2 Grid Reports this Winter—a testament to our commitment to simplifying complex compliance…
Read Article icon-arrow
  • Compliance
  • News and Events

Webinar: Is pentesting mandatory for SOC 2?

is a penetration test required for soc 2
As we enter 2025 and are met with a new wave of increasingly sophisticated cyber threats, businesses can no longer afford to treat security as an afterthought. In a…
Read Article icon-arrow
is a penetration test required for soc 2
  • News and Events

Walking the walk: Thoropass is now CREST accredited for pentesting!

CREST certification
We’re proud to announce that Thoropass has achieved CREST accreditation for penetration testing, aligning us with a global community of cybersecurity leaders dedicated to enhancing industry standards. This accreditation…
Read Article icon-arrow
CREST certification
  • From our Partners

Quantifying Compliance ROI: A Technical Framework for Data-Driven Security Investment

In today’s data-driven environment, quantifying the compliance ROI of compliance initiatives is essential for justifying security investments and aligning them with business objectives. “Ponemon Institute research indicates that ‘The…
Read Article icon-arrow
  • From our Partners

Streamlining AI governance and compliance: How Zendata and Thoropass are revolutionizing regulatory solutions

With the accelerating pace of technological change, companies now face a critical need to navigate complex compliance landscapes and establish robust AI governance practices. A recent study revealed that…
Read Article icon-arrow
  • From our Partners

Streamlining compliance: How Thoropass and XFA partner to solve compliance challenges

In a world where we’re free to work from anywhere on any device , ensuring compliance and security has become more critical and challenging than ever. With employees accessing…
Read Article icon-arrow
  • From our Partners

Zero stress audits – how working with Swif and Thoropass makes compliance effortless

Let’s face it—compliance and device security aren’t exactly the most exciting parts of running a business. It can feel like an uphill battle between endless spreadsheets, constant audits, and…
Read Article icon-arrow
  • From our Partners

The HITRUST AI security assessment and certification: a trustworthy approach for managing AI risks

AI is revolutionizing industries. It offers immense potential for businesses. However, its complexity introduces new risks that traditional cybersecurity frameworks were not built to manage. From data poisoning to…
Read Article icon-arrow
  • 1
  • 2