SimpleRisk Core

SimpleRisk Core

On November 23, 2020, SimpleRisk went live with our Q4 2020 release.  This release primarily focused on fixing a number of bugs found in various places in the SimpleRisk Core and SimpleRisk Extras.

SimpleRisk Core

The 20201106-001 release of SimpleRisk was purely a bug fix release.  We discovered a critical issue introduced in the 20201005-001 release which impacted all new file uploads of a non-text file.  This included files like Word Documents, Excel Spreadsheets, and Adobe PDFs.  While this release fixes the underlying issue which causes these bad file uploads, we have a follow-up release planned which will help to better identify them.

In 2014, the NIST Cybersecurity Framework (CSF) took the world by storm, aiming to help organizations to improve their ability to prevent, detect and respond to cyber attacks.  It has been translated to many languages and is used by the governments of the United States, Japan, Israel, among many others.  The Trends in Security Framework Adoption Survey, conducted in 2016, reported that 70% of the 300 surveyed organizations view NIST's framework as a security best practice, but, that same survey also found that 50% of

When I released the original free and open source version of SimpleRisk back in March 2013, I can honestly say that I had no idea it would become what it is today.  I was simply tasked with starting a risk management program for National Instruments and they couldn't prioritize purchasing a GRC solution, so I ended up putting some of my secure coding skills to use.  In its initial iteration, SimpleRisk was nothing more than a page to submit a risk, a page to edit risks, and a page to view all of the risks submitted.  Just a simple risk registry.

This past weekend, SimpleRisk went live with our Q2 2020 release.  Like the releases before it, a tremendous amount of effort went into packing in as many features and functionality as possible, while retaining the underlying simplicity.  In addition, our HackerOne Bug Bounty program continues to help us to identify and fix potential security vulnerabilities and we've corrected a number of bugs, as well.  The full release notes for this release can be downloaded here.  What f

About a week and a half ago, SimpleRisk went live with our Q3 2020 release.  While this release included a handful of new features as well as bug and security fixes in the SimpleRisk Core, much of our attention in this go around went towards enhancing a number of our SimpleRisk Extras.  The full release notes for this release can be downloaded here.  What follows is a description of all of the new features, bug fixes and security fixes that were included in this new release.

At the end of June 2020, a civil rights coalition, which includes the Anti-Defamation League (ADL) and the NAACP, launched the #StopHateforProfit campaign.  This campaign calls upon major corporations to put a pause on Facebook advertisements, citing the company's "repeated failure to meaningfully address the vast proliferation of hate on its platforms".  It is the result of over a decade of begging Facebook to do something about the hate speech problem.  Facebook has allowed incitement to violence against protesters fighting for racial justice in America, named Breitbart News a "trus

As the Information Security Program Owner at National Instruments, a $1.4B global enterprise, I've spent the past decade building a risk management program from the ground up.  As I shared in my Founder's Story,  I struggled in the early days with defining what our program would look like, and especially around the tooling I would use, but it wasn't long before I was able to demonstrate the value of risk management to the organization.  SimpleRisk quickly became our de facto tool of choice and, as my knowledge increased and my co

Subscribe to governance