Glossary of Compliance

Compliance Glossary

Our curated compliance glossary offers everything you need to know about compliance in one place.


CSRF

Cross-Site Request Forgery (CSRF) is a security vulnerability that allows a cyber threat actor to perform actions on behalf of a user without their knowledge or consent. A CSRF attack occurs when the user clicks on a malicious link or visits a malicious website. This action makes the user’s browser send requests to a legitimate website where the user is logged in. These requests are generally actions such as deleting data, making purchases, changing passwords, or sending messages. Because the request comes from the user’s own browser, the website treats it as legitimate, which allows the attacker to perform unauthorized actions.
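The following added example (not part of the original glossary entry) models why a session cookie alone cannot prove that the user intended a request, and how a server-side check on the Origin header and a session-bound token rejects the forged one. The handler names, session store, origins and request dictionaries are constructed for illustration, and the sketch assumes a session cookie with no SameSite restriction.

```python
import hashlib
import hmac
import secrets

# All names and values below are constructed for illustration.
SERVER_KEY = secrets.token_bytes(32)       # per-deployment secret
SESSIONS = {"sess-alice": "alice"}         # session id -> logged-in user
TRUSTED_ORIGIN = "https://shop.example"    # the site's own origin

def issue_csrf_token(session_id: str) -> str:
    """Token bound to the session; the site embeds it in its own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def handle_cookie_only(request: dict) -> str:
    """Weak: a valid session cookie alone is taken as proof of user intent."""
    user = SESSIONS.get(request["cookies"].get("session"))
    return f"password changed for {user}" if user else "401 not logged in"

def handle_with_csrf_check(request: dict) -> str:
    """Hardened: also require the site's Origin and the session-bound token."""
    session_id = request["cookies"].get("session")
    user = SESSIONS.get(session_id)
    if user is None:
        return "401 not logged in"
    if request["headers"].get("Origin") != TRUSTED_ORIGIN:
        return "403 cross-origin request rejected"
    sent = request["form"].get("csrf_token", "")
    expected = issue_csrf_token(session_id)
    if not hmac.compare_digest(sent.encode(), expected.encode()):
        return "403 missing or invalid CSRF token"
    return f"password changed for {user}"

# Both requests carry the session cookie, as a browser would send it
# when the cookie has no SameSite restriction.
legit = {
    "cookies": {"session": "sess-alice"},
    "headers": {"Origin": TRUSTED_ORIGIN},
    "form": {"new_password": "x", "csrf_token": issue_csrf_token("sess-alice")},
}
forged = {  # submitted by a page on another site; it cannot read the token
    "cookies": {"session": "sess-alice"},
    "headers": {"Origin": "https://other-site.example"},
    "form": {"new_password": "x"},
}

if __name__ == "__main__":
    for name, req in (("legit", legit), ("forged", forged)):
        print(name, "| cookie only:", handle_cookie_only(req),
              "| with check:", handle_with_csrf_check(req))
```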
