All Posts

As biotech and healthtech companies scale across borders, they face a central challenge: how to lawfully collect, store, and use ...

Biotech companies are under pressure to prove strong data security and compliance. This practical ISO 27001 guide and checklist outlines what biotech firms need to know in 2025 — from protecting IP and clinical data to choosing the right auditor and reducing risk.

Navigating MDR cybersecurity compliance under the EU’s new medical and in vitro diagnostic regulations can be complex. This in-depth guide helps device manufacturers understand and implement the cybersecurity requirements of EU MDR (2017/745) and IVDR (2017/746) — from secure-by-design principles to post-market surveillance and CE certification. If you're building or selling connected medical devices or software in Europe, this is essential reading.

When Regeneron announced its $256 million acquisition of 23andMe, most headlines focused on drug discovery potential. But beneath the surface lies a deeper concern: the fate of 15 million genetic profiles. At Sekurno, we unpack the post-acquisition security risks, Regeneron’s breach history, and why compliance alone isn’t enough to protect the world’s most personal data—your DNA.

Learn how FDA regulation and cybersecurity guidance apply to software-enabled medical devices, from classification and submission to lifecycle risk management

Explore a real-world threat modeling example for a genomics platform using MITRE’s playbook, C4 diagrams, and STRIDE. A practical guide for healthtech and biotech security teams

Most "Top 10" security lists are marketing fluff. Here’s how vendors game the system, and what smarter buyers should actually look for when choosing a partner.

Simplify HIPAA compliance with our Self-Assessment Guide. Quickly identify gaps, understand key requirements, and take actionable steps to strengthen your data security and meet regulatory standards. Ideal for startups, biotech, healthtech, and healthcare companies.

Explore the anatomy of the 23andMe data breach, its impact on genomic privacy, and critical lessons for biotech security. This deep dive reveals how sensitive genetic data was compromised and what organizations must do to strengthen defenses.

Discover why scaling biotech companies must prioritize security and compliance. Learn when regulatory triggers like HIPAA, GDPR, and FDA guidelines come into play — and how proactive cybersecurity strengthens growth and partnerships.

Modern biotech startups increasingly rely on cloud infrastructure to power genomic data analysis and deliver applications to users....

Discover how biotech and genomics firms can safeguard sensitive data by simulating cyberattacks on cloud systems, DNA databases & AI models

Learn how to secure mobile applications against real-world threats. Our definitive guide to mobile pentesting covers essential tools, methodologies, common vulnerabilities, and best practices for iOS and Android security testing.

The Biggest Cyber Breaches and Hacks of 2024: What We Learned from Microsoft Cloud, MOVEit, Clorox, SSA, MGM Resorts, LassPass and others

The lifecycle of black-box pentesting, from reconnaissance to reporting, showing how each phase builds on the last to expose vulnerabilities

In today's digital landscape, securing your Node.js apps is paramount. This guide provides key concepts & practices aligned with OWASP WSTG

Discover the pros and cons of compliance automation, debunk myths, and see who benefits from more efficient, scalable compliance solutions.

Why would you want to know the current state of application security in your organization? There may be several reasons: You want to...

APIs are the glue of modern applications and the place most attackers aim first. At Sekurno we combine hands-on adversary techniques with rigorous methodology to find the flaws that matter. Read on for practical testing strategies, common pitfalls, and clear mitigations you can action today. If you are a beginner, this material introduces the perfect way to start your journey into the pentesting world. If you're a seasoned pro with years of experience in different cybersecuri

Master the essentials of cybersecurity compliance with our definitive guide. Learn how to navigate complex frameworks like SOC 2, PCI DSS, NIST, HIPAA, CCPA, GDPR, and ISO 27001, avoid common pitfalls, and build a security program that drives trust and resilience.