Rapid7 Compliance Brief: SOX

Under the Sarbanes-Oxley Act (SOX), public companies must ensure their financial reporting and internal business processes are secured and monitored. The SEC obligates public companies to disclose material cybersecurity incidents, and encourages companies to adopt a comprehensive security program.

Public companies must manage shareholder expectations and regulatory scrutiny. Rapid7 solutions and services can help companies meet their security and disclosure obligations to the SEC and investors while navigating borderless security risks and maintaining a strong reputation. This compliance brief can help you better understand:

• The SEC’s requirements for public companies to disclose cybersecurity incidents and secure their disclosure and internal business processes

• How Rapid7’s solutions and services can help public companies meet SEC requirements, such as by leveraging internal security controls to better enable financial reporting and disclosure

• How up-to-date cybersecurity maturity assessments, penetration testing, and managed services can help audit the effectiveness of security controls before and after cyber incidents and deliver insights to combat real-world attacks