# FM CyberSecurity > Norwegian cybersecurity consultancy based in Oslo, with senior specialists across identity, exposure, compliance, AI security, MDR, and application security. FM CyberSecurity is a consultants-first firm founded in 2025, headquartered at Henrik Ibsens gate 36 in central Oslo. Norwegian content is canonical at the unprefixed root; English content lives under `/en/`. Both locales are exposed below. Every URL below points at the Markdown twin of the page (`.md`); append `.md` to any human URL on the site to fetch its Markdown body directly. ## Homepage - [FM CyberSecurity](https://fmcybersecurity.com/en/index.md): FM CyberSecurity — specialists in identity, exposure, compliance, AI security and AI pentesting. Your security, our priority. - [FM CyberSecurity](https://fmcybersecurity.com/index.md): FM CyberSecurity — fagspesialister innen identitet, eksponering, compliance, AI-sikkerhet og AI-pentest. Din sikkerhet, vår prioritet. ## About and contact - [Who is FM CyberSecurity?](https://fmcybersecurity.com/en/about.md): FM CyberSecurity is a Norwegian cybersecurity firm based in Oslo. Senior specialists operating at principal level across identity, exposure, compliance, AI security, MDR and application security. - [Hvem er FM CyberSecurity?](https://fmcybersecurity.com/about.md): FM CyberSecurity er en norsk cybersikkerhetsvirksomhet i Oslo. Senior fagspesialister på principal-nivå innen identitet, eksponering, compliance, AI-sikkerhet, MDR og applikasjonssikkerhet. - [Contact](https://fmcybersecurity.com/en/contact.md): Talk directly to a named specialist at FM CyberSecurity. Pick a consultant by topic — MDR, compliance, identity, AI security — or send a general message. We respond within one business day. - [Kontakt](https://fmcybersecurity.com/contact.md): Snakk direkte med en navngitt fagspesialist hos FM CyberSecurity. Velg konsulent etter tema — MDR, compliance, identitet, AI-sikkerhet — eller send en generell henvendelse. Vi svarer innen én virkedag. ## Services (English) - [CISO-for-hire](https://fmcybersecurity.com/en/services/ciso.md): Fractional and interim CISO leadership; principal-level strategy without a full-time hire. - [Subject Matter Experts](https://fmcybersecurity.com/en/services/subject-matter-experts.md): Senior advisory across security architecture, governance, and programme delivery. - [ServiceNow](https://fmcybersecurity.com/en/services/servicenow.md): ServiceNow security and GRC architecture for regulated environments. - [Project Leader](https://fmcybersecurity.com/en/services/project-leader.md): Architect-level project leadership for security and platform initiatives. - [Managed Detection and Response](https://fmcybersecurity.com/en/services/mdr.md): Managed Detection and Response via CrowdStrike Falcon Complete; onboarding, tuning, and local escalation from FM. - [Incident Response](https://fmcybersecurity.com/en/services/incident-response.md): Incident-response consulting, escalation management, and post-incident review. - [Agentic SOC](https://fmcybersecurity.com/en/services/agentic-soc.md): Autonomous SOC operations powered by Charlotte AI. - [Vulnerability & Exposure Management](https://fmcybersecurity.com/en/services/exposure-management.md): Continuous exposure-management programme built on Tenable. - [Maturity Assessment](https://fmcybersecurity.com/en/services/security-maturity-assessment.md): Baseline and gap analysis against a chosen framework. - [Cloud Security Assessment](https://fmcybersecurity.com/en/services/cloud-security-assessment.md): Cloud posture review and compliance readiness check. - [ISO 27001](https://fmcybersecurity.com/en/services/iso27001.md): From compliance burden to certification, typically in 2 to 3 weeks of focused work. - [NIS2](https://fmcybersecurity.com/en/services/nis2.md): NIS2 readiness for Nordic organisations; Norway transposition is in progress as an EEA state. - [DORA](https://fmcybersecurity.com/en/services/dora.md): Digital Operational Resilience Act readiness for in-scope financial entities. - [GDPR](https://fmcybersecurity.com/en/services/gdpr.md): GDPR programme work, DPIAs, and documented control. - [AI Act](https://fmcybersecurity.com/en/services/ai-act.md): EU AI Act readiness for providers and deployers; risk classification, governance, technical documentation, and oversight up to each application date. - [Cyber Resilience Act](https://fmcybersecurity.com/en/services/cyber-resilience-act.md): EU Cyber Resilience Act readiness for makers of products with digital elements; product classification, vulnerability handling, technical documentation, and CE-mark conformity up to the 2027 application date. - [AI Advisory](https://fmcybersecurity.com/en/services/ai-advisory.md): AI strategy, governance, and secure deployment guidance. - [Shadow AI](https://fmcybersecurity.com/en/services/shadow-ai.md): The Shadow AI challenge — unsanctioned AI use across employees, agents, and SaaS — discovered and governed with Tenable AI Exposure Management. - [Vibe Coding](https://fmcybersecurity.com/en/services/vibe-coding.md): Security guardrails for AI-assisted and AI-generated code. - [Pentest with AI](https://fmcybersecurity.com/en/services/pentest.md): AI-driven pentesting delivered through Aikido. - [DevOps](https://fmcybersecurity.com/en/services/application-security.md): AppSec programmes, SDLC integration, and continuous security. - [Privileged Access Management (PAM)](https://fmcybersecurity.com/en/services/pam.md): Privileged access management on Idira (CyberArk): vault, rotate, isolate, and record privileged accounts. - [Machine & Non-Human Identity](https://fmcybersecurity.com/en/services/machine-identity.md): Machine and non-human identity on Idira (CyberArk): secrets, certificates, and workload identities. - [Secrets Management](https://fmcybersecurity.com/en/services/secrets-management.md): Secrets management on Idira (CyberArk): credentials, API keys, and tokens out of code and into a controlled flow. - [AI Visibility](https://fmcybersecurity.com/en/services/ai-visibility.md): AI visibility: discover every AI tool, agent, and model in use, sanctioned or not, before you govern it. ## Services (Norwegian) - [CISO-for-hire](https://fmcybersecurity.com/services/ciso.md): Fraksjonell og midlertidig CISO-ledelse; strategisk arbeid på principal-nivå uten heltidsansettelse. - [Fageksperter](https://fmcybersecurity.com/services/subject-matter-experts.md): Senior rådgivning innen sikkerhetsarkitektur, styring og programleveranse. - [ServiceNow](https://fmcybersecurity.com/services/servicenow.md): ServiceNow-sikkerhet og GRC-arkitektur for regulerte miljøer. - [Prosjektledelse](https://fmcybersecurity.com/services/project-leader.md): Arkitektnivå prosjektledelse for sikkerhets- og plattforminitiativer. - [Sikkerhetsovervåkning (MDR/SOC)](https://fmcybersecurity.com/services/mdr.md): Managed Detection and Response via CrowdStrike Falcon Complete, onboarding, tuning og lokal eskalering fra FM. - [Hendelseshåndtering](https://fmcybersecurity.com/services/incident-response.md): Hendelseshåndtering, eskaleringsstyring og evaluering etter hendelser. - [Agentic SOC](https://fmcybersecurity.com/services/agentic-soc.md): Autonom SOC-drift drevet av Charlotte AI. - [Sårbarhetshåndtering](https://fmcybersecurity.com/services/exposure-management.md): Kontinuerlig sårbarhetshåndtering bygget på Tenable. - [Modenhetsvurdering](https://fmcybersecurity.com/services/security-maturity-assessment.md): Baseline og gap-analyse mot et valgt rammeverk. - [Skysikkerhetsvurdering](https://fmcybersecurity.com/services/cloud-security-assessment.md): Vurdering av skyposisjon og compliance-modenhet. - [ISO 27001](https://fmcybersecurity.com/services/iso27001.md): Fra compliance-belastning til sertifisering, vanligvis på 2–3 ukers fokusert arbeid. - [NIS2](https://fmcybersecurity.com/services/nis2.md): NIS2-modenhet for nordiske organisasjoner; Norge gjennomfører direktivet som EØS-stat. - [DORA](https://fmcybersecurity.com/services/dora.md): DORA-modenhet for finansforetak i virkeområdet. - [GDPR](https://fmcybersecurity.com/services/gdpr.md): GDPR-programarbeid, DPIA-er og dokumentert kontroll. - [AI Act](https://fmcybersecurity.com/services/ai-act.md): EU AI Act-modenhet for leverandører og utrullere; risikoklassifisering, styring, teknisk dokumentasjon og tilsyn fram til hvert virkningstidspunkt. - [Cyber Resilience Act](https://fmcybersecurity.com/services/cyber-resilience-act.md): EU Cyber Resilience Act-modenhet for produsenter av produkter med digitale elementer; produktklassifisering, sårbarhetshåndtering, teknisk dokumentasjon og CE-samsvar fram til virkningstidspunktet i 2027. - [AI-rådgivning](https://fmcybersecurity.com/services/ai-advisory.md): AI-strategi, styring og veiledning for sikker utrulling. - [Shadow AI](https://fmcybersecurity.com/services/shadow-ai.md): Shadow AI-utfordringen — uoffisiell AI-bruk på tvers av ansatte, agenter og SaaS — kartlagt og styrt med Tenable AI Exposure Management. - [Vibe Coding](https://fmcybersecurity.com/services/vibe-coding.md): Sikkerhetsrammer for AI-assistert og AI-generert kode. - [Pentest med AI](https://fmcybersecurity.com/services/pentest.md): AI-drevet pentesting levert via Aikido. - [DevOps](https://fmcybersecurity.com/services/application-security.md): AppSec-programmer, SDLC-integrasjon og kontinuerlig sikkerhet. - [Privilegert tilgang (PAM)](https://fmcybersecurity.com/services/pam.md): Privilegert tilgang på Idira (CyberArk): innlåsing, rotasjon, isolering og logging av privilegerte kontoer. - [Maskinidentitet](https://fmcybersecurity.com/services/machine-identity.md): Maskin- og ikke-menneskelig identitet på Idira (CyberArk): secrets, sertifikater og workload-identiteter. - [Secrets-håndtering](https://fmcybersecurity.com/services/secrets-management.md): Secrets-håndtering på Idira (CyberArk): credentials, API-nøkler og tokens ut av koden og inn i en kontrollert flyt. - [AI-synlighet](https://fmcybersecurity.com/services/ai-visibility.md): AI-synlighet: oppdag hvert AI-verktøy, hver agent og hver modell i bruk, godkjent eller ikke, før du styrer det. ## Products - [CrowdStrike](https://fmcybersecurity.com/en/products/crowdstrike.md): Certified partner; Falcon Complete Next-Gen MDR and Falcon AIDR as the core delivery model. - [CrowdStrike](https://fmcybersecurity.com/products/crowdstrike.md): Sertifisert partner; Falcon Complete Next-Gen MDR og Falcon AIDR som kjerneleveranse. - [Aikido](https://fmcybersecurity.com/en/products/aikido.md): Certified partner; AI Pentest as the delivery model for testing. - [Aikido](https://fmcybersecurity.com/products/aikido.md): Sertifisert partner; AI Pentest som leveransemodell for testing. - [Tenable](https://fmcybersecurity.com/en/products/tenable.md): Certified partner; exposure-management practice across cloud, endpoint and OT. - [Tenable](https://fmcybersecurity.com/products/tenable.md): Sertifisert partner; sårbarhetshåndtering på tvers av sky, endepunkt og OT. - [Idira (CyberArk)](https://fmcybersecurity.com/en/products/cyberark.md): Certified partner; PAM-focused identity practice. - [Idira (CyberArk)](https://fmcybersecurity.com/products/cyberark.md): Sertifisert partner; PAM-fokusert identitetspraksis. ## Product modules - [AI Pentest](https://fmcybersecurity.com/en/products/aikido/ai-pentest.md): AI Pentest uses autonomous AI agents to run continuous penetration testing and confirm real, exploitable risk. - [API Scanning](https://fmcybersecurity.com/en/products/aikido/api-scanning.md): API Scanning discovers and tests REST and GraphQL APIs for security weaknesses. - [Attack Surface Management](https://fmcybersecurity.com/en/products/aikido/attack-surface-management.md): Attack Surface Management discovers forgotten subdomains, exposed services, and unknown internet-facing assets, and tracks changes over time. - [Bot Protection](https://fmcybersecurity.com/en/products/aikido/bot-protection.md): Bot Protection blocks malicious bots, scrapers, and brute-force traffic in real time. - [Cloud Posture Management (CSPM)](https://fmcybersecurity.com/en/products/aikido/cloud-posture-management-cspm.md): Cloud Posture Management finds misconfigurations and compliance gaps across major cloud providers. - [Container Image Scanning](https://fmcybersecurity.com/en/products/aikido/container-image-scanning.md): Container Image Scanning scans container images for vulnerable operating-system packages and libraries. - [Device Protection](https://fmcybersecurity.com/en/products/aikido/device-protection.md): Device Protection monitors and blocks malicious browser extensions, IDE plugins, and risky code libraries on developer devices. - [Infrastructure as Code (IaC)](https://fmcybersecurity.com/en/products/aikido/iac-scanning.md): Infrastructure as Code scanning checks Terraform, CloudFormation, Kubernetes, and Dockerfiles for misconfigurations before deploy. - [Kubernetes Scanning](https://fmcybersecurity.com/en/products/aikido/kubernetes-scanning.md): Kubernetes Scanning checks clusters, manifests, and running images for misconfigurations and vulnerabilities. - [Malware Detection](https://fmcybersecurity.com/en/products/aikido/malware-detection.md): Malware Detection continuously checks dependencies for malicious packages across registries such as npm and PyPI. - [Open Source Dependencies (SCA)](https://fmcybersecurity.com/en/products/aikido/open-source-dependencies-sca.md): Open Source Dependencies checks open-source libraries for known vulnerabilities and supply-chain risk. - [Open Source License Risk](https://fmcybersecurity.com/en/products/aikido/open-source-license-risk.md): Open Source License Risk flags risky open-source licenses and generates a software bill of materials (SBOM). - [Outdated and EOL Software](https://fmcybersecurity.com/en/products/aikido/outdated-eol-software.md): Outdated and EOL Software flags unsupported frameworks, runtimes, and libraries that have reached end of life. - [Secrets Detection](https://fmcybersecurity.com/en/products/aikido/secrets-detection.md): Secrets Detection finds leaked secrets such as API keys, passwords, and tokens in code and git history. - [Static Code Analysis (SAST)](https://fmcybersecurity.com/en/products/aikido/static-code-analysis-sast.md): Static Code Analysis scans source code for security vulnerabilities before the code ships. - [Surface Monitoring (DAST)](https://fmcybersecurity.com/en/products/aikido/surface-monitoring-dast.md): Surface Monitoring is dynamic testing that probes live web apps and APIs from the outside, the way an attacker would. - [Virtual Machine Scanning](https://fmcybersecurity.com/en/products/aikido/virtual-machine-scanning.md): Virtual Machine Scanning checks virtual machines for vulnerable packages and outdated runtimes without an agent. - [Zen (In-App Firewall)](https://fmcybersecurity.com/en/products/aikido/zen-in-app-firewall.md): Zen is an embedded in-app firewall that blocks attacks such as SQL injection and command injection at runtime. - [Charlotte AI](https://fmcybersecurity.com/en/products/crowdstrike/charlotte-ai.md): Charlotte AI is a generative and agentic AI security analyst built into the Falcon platform. - [Cloud Security](https://fmcybersecurity.com/en/products/crowdstrike/cloud-security.md): Cloud Security protects cloud workloads and infrastructure across AWS, Azure, and Google Cloud. - [Data Protection](https://fmcybersecurity.com/en/products/crowdstrike/data-protection.md): Data Protection discovers, classifies, and stops data theft in real time. - [Endpoint Security](https://fmcybersecurity.com/en/products/crowdstrike/endpoint-security.md): Endpoint Security protects workstations, servers, and mobile devices from a single lightweight Falcon agent. - [Exposure Management](https://fmcybersecurity.com/en/products/crowdstrike/exposure-management.md): Exposure Management gives risk-based visibility across the attack surface from the Falcon agent. - [Falcon AI Detection and Response](https://fmcybersecurity.com/en/products/crowdstrike/falcon-aidr.md): Falcon AI Detection and Response (Falcon AIDR) provides AI detection and response across endpoints and cloud. - [Falcon Complete Next-Gen MDR (SOC)](https://fmcybersecurity.com/en/products/crowdstrike/falcon-complete-next-gen-mdr.md): CrowdStrike's flagship managed detection and response service, run around the clock by CrowdStrike experts. - [Falcon for IT](https://fmcybersecurity.com/en/products/crowdstrike/falcon-for-it.md): Falcon for IT converges security and IT operations on the Falcon platform. - [Frontier AI Readiness and Resilience Service](https://fmcybersecurity.com/en/products/crowdstrike/frontier-ai-readiness-and-resilience.md): A service that helps organizations prepare for AI-driven threats by finding and closing exploitable weaknesses faster. - [Identity Protection](https://fmcybersecurity.com/en/products/crowdstrike/identity-protection.md): Identity Protection stops identity-based attacks across Active Directory and Entra ID. - [Incident Response](https://fmcybersecurity.com/en/products/crowdstrike/incident-response.md): Rapid response to active breaches that contains the threat, investigates, and helps restore systems. - [Next-Gen SIEM](https://fmcybersecurity.com/en/products/crowdstrike/next-gen-siem.md): Next-Gen SIEM is an AI-native security information and event management platform that modernizes the SOC. - [Red Team Services](https://fmcybersecurity.com/en/products/crowdstrike/red-team-services.md): Realistic intrusion simulations that test detection and response readiness using real adversary tradecraft. - [Strategic Advisory Services](https://fmcybersecurity.com/en/products/crowdstrike/strategic-advisory-services.md): Advisory work that aligns the security program with business risk and sets a clear roadmap for leadership. - [Technical Advisory Services](https://fmcybersecurity.com/en/products/crowdstrike/technical-advisory-services.md): Hands-on technical assessments that harden the environment with concrete recommendations engineers can act on. - [Threat Intelligence](https://fmcybersecurity.com/en/products/crowdstrike/threat-intelligence.md): Threat Intelligence delivers real-time intelligence on adversaries and the methods they use. - [AI Agent Identities](https://fmcybersecurity.com/en/products/cyberark/agentic-identities.md): Identity security for autonomous AI agents. - [Certificate Manager](https://fmcybersecurity.com/en/products/cyberark/certificate-manager.md): Certificate Manager automates the lifecycle of TLS and machine certificates, including discovery, issuance, renewal, and policy enforcement. - [Code Sign Manager](https://fmcybersecurity.com/en/products/cyberark/code-sign-manager.md): Code Sign Manager secures code-signing keys and processes so developers can sign code under enterprise controls. - [Endpoint Privilege Manager](https://fmcybersecurity.com/en/products/cyberark/endpoint-privilege-manager.md): Endpoint privilege management that removes excess local admin rights and controls which applications can run on each device. - [Human Identities](https://fmcybersecurity.com/en/products/cyberark/human-identities.md): Identity security for the people in your organization, from everyday sign-in to the most privileged accounts. - [Identity Governance](https://fmcybersecurity.com/en/products/cyberark/identity-governance.md): Modern identity governance and administration that manages lifecycles, access requests, and access reviews across applications. - [Machine Identities](https://fmcybersecurity.com/en/products/cyberark/machine-identities.md): Identity security for the machines, secrets, certificates, keys, and workloads that run your business. - [Privileged Access Manager](https://fmcybersecurity.com/en/products/cyberark/privileged-access-manager.md): Privileged access management that secures, rotates, and records the most powerful accounts across on-premises, cloud, and hybrid systems. - [Secrets Hub](https://fmcybersecurity.com/en/products/cyberark/secrets-hub.md): Secrets Hub discovers and centrally manages secrets across cloud secret stores such as AWS Secrets Manager and Azure Key Vault. - [Secrets Manager](https://fmcybersecurity.com/en/products/cyberark/secrets-manager.md): Secrets Manager stores, rotates, and controls the secrets and credentials that applications, scripts, and CI/CD pipelines use. - [Secure AI Agents](https://fmcybersecurity.com/en/products/cyberark/secure-ai-agents.md): Secure AI Agents brings identity security to autonomous AI agents, with discovery, zero-standing-privilege access, threat detection, and lifecycle management. - [Secure Browser](https://fmcybersecurity.com/en/products/cyberark/secure-browser.md): An identity-centric enterprise browser that adds security and control to how users reach web and SaaS applications. - [Secure Cloud Access](https://fmcybersecurity.com/en/products/cyberark/secure-cloud-access.md): Just-in-time access to cloud consoles and command-line tools with zero standing privileges for developers and cloud administrators. - [SSH Manager](https://fmcybersecurity.com/en/products/cyberark/ssh-manager.md): SSH Manager discovers and manages SSH keys across the organization to reduce unmanaged and risky keys. - [Vendor PAM](https://fmcybersecurity.com/en/products/cyberark/vendor-pam.md): Secure, monitored privileged access for third-party vendors and external users, without VPNs, agents, or shared passwords. - [Workforce Identity](https://fmcybersecurity.com/en/products/cyberark/workforce-identity.md): Identity and access management that gives employees secure, simple access to the business applications they use every day. - [Workload Identity Manager](https://fmcybersecurity.com/en/products/cyberark/workload-identity-manager.md): Workload Identity Manager issues short-lived identities to cloud-native workloads using the open SPIFFE standard. - [AI Exposure](https://fmcybersecurity.com/en/products/tenable/ai-exposure.md): AI Exposure secures how an organization uses AI by discovering AI platforms, finding AI-related risks, and helping govern that risk. - [Attack Surface Management](https://fmcybersecurity.com/en/products/tenable/attack-surface-management.md): Attack Surface Management continuously discovers internet-facing assets and services so unknown exposure becomes visible. - [Cloud Security](https://fmcybersecurity.com/en/products/tenable/cloud-security.md): Cloud Security protects cloud-native applications across AWS, Azure, and Google Cloud by finding misconfigurations, risky entitlements, and workload vulnerabilities. - [Connectors](https://fmcybersecurity.com/en/products/tenable/connectors.md): Connectors bring data from third-party security and IT tools into Tenable One for one unified exposure view. - [Hexa AI](https://fmcybersecurity.com/en/products/tenable/hexa-ai.md): Hexa AI is the agentic AI engine of Tenable One that orchestrates and automates security workflows and turns exposure data into action. - [Identity Exposure](https://fmcybersecurity.com/en/products/tenable/identity-exposure.md): Identity Exposure finds risky misconfigurations and attack paths in Active Directory and Entra ID and helps close the paths attackers use for lateral movement. - [OT Security](https://fmcybersecurity.com/en/products/tenable/ot-security.md): OT Security provides visibility and exposure management for operational technology and industrial control systems. - [Patch Management](https://fmcybersecurity.com/en/products/tenable/patch-management.md): Patch Management automates remediation by correlating vulnerabilities with the right patches and applying fixes with policy-based guardrails. - [Vulnerability Management](https://fmcybersecurity.com/en/products/tenable/vulnerability-management.md): Vulnerability Management discovers and assesses vulnerabilities across IT assets and prioritizes them by risk so teams fix the most important issues first. - [Web App Scanning](https://fmcybersecurity.com/en/products/tenable/web-app-scanning.md): Web App Scanning provides dynamic application security testing that automatically scans running web apps and APIs for vulnerabilities. - [AI Pentest](https://fmcybersecurity.com/products/aikido/ai-pentest.md): AI Pentest bruker autonome AI-agenter til å kjøre kontinuerlig penetrasjonstesting og bekrefte reell, utnyttbar risiko. - [API Scanning](https://fmcybersecurity.com/products/aikido/api-scanning.md): API Scanning oppdager og tester REST- og GraphQL-API-er for sikkerhetssvakheter. - [Attack Surface Management](https://fmcybersecurity.com/products/aikido/attack-surface-management.md): Attack Surface Management oppdager glemte subdomener, eksponerte tjenester og ukjente internettvendte ressurser, og følger endringer over tid. - [Bot Protection](https://fmcybersecurity.com/products/aikido/bot-protection.md): Bot Protection blokkerer ondsinnede boter, skrapere og brute-force-trafikk i sanntid. - [Cloud Posture Management (CSPM)](https://fmcybersecurity.com/products/aikido/cloud-posture-management-cspm.md): Cloud Posture Management finner feilkonfigurasjoner og samsvarsavvik på tvers av de store skyleverandørene. - [Container Image Scanning](https://fmcybersecurity.com/products/aikido/container-image-scanning.md): Container Image Scanning skanner container-images for sårbare operativsystempakker og biblioteker. - [Device Protection](https://fmcybersecurity.com/products/aikido/device-protection.md): Device Protection overvåker og blokkerer ondsinnede nettleserutvidelser, IDE-plugins og risikable kodebiblioteker på utviklernes enheter. - [Infrastructure as Code (IaC)](https://fmcybersecurity.com/products/aikido/iac-scanning.md): Infrastructure as Code-skanning sjekker Terraform, CloudFormation, Kubernetes og Dockerfiles for feilkonfigurasjon før deploy. - [Kubernetes Scanning](https://fmcybersecurity.com/products/aikido/kubernetes-scanning.md): Kubernetes Scanning sjekker klynger, manifester og kjørende images for feilkonfigurasjoner og sårbarheter. - [Malware Detection](https://fmcybersecurity.com/products/aikido/malware-detection.md): Malware Detection sjekker avhengigheter kontinuerlig for skadelige pakker på tvers av registre som npm og PyPI. - [Open Source Dependencies (SCA)](https://fmcybersecurity.com/products/aikido/open-source-dependencies-sca.md): Open Source Dependencies sjekker open source-biblioteker for kjente sårbarheter og forsyningskjederisiko. - [Open Source License Risk](https://fmcybersecurity.com/products/aikido/open-source-license-risk.md): Open Source License Risk flagger risikable open source-lisenser og genererer en software bill of materials (SBOM). - [Outdated and EOL Software](https://fmcybersecurity.com/products/aikido/outdated-eol-software.md): Outdated and EOL Software flagger frameworks, runtimes og biblioteker uten støtte som har nådd end of life. - [Secrets Detection](https://fmcybersecurity.com/products/aikido/secrets-detection.md): Secrets Detection finner lekkede hemmeligheter som API-nøkler, passord og tokens i kode og git-historikk. - [Static Code Analysis (SAST)](https://fmcybersecurity.com/products/aikido/static-code-analysis-sast.md): Static Code Analysis skanner kildekode for sikkerhetssårbarheter før koden går i produksjon. - [Surface Monitoring (DAST)](https://fmcybersecurity.com/products/aikido/surface-monitoring-dast.md): Surface Monitoring er dynamisk testing som undersøker live web-apper og API-er utenfra, slik en angriper ville gjort. - [Virtual Machine Scanning](https://fmcybersecurity.com/products/aikido/virtual-machine-scanning.md): Virtual Machine Scanning sjekker virtuelle maskiner for sårbare pakker og utdaterte kjøretider uten agent. - [Zen (In-App Firewall)](https://fmcybersecurity.com/products/aikido/zen-in-app-firewall.md): Zen er en innebygd in-app firewall som blokkerer angrep som SQL injection og command injection mens applikasjonen kjører. - [Charlotte AI](https://fmcybersecurity.com/products/crowdstrike/charlotte-ai.md): Charlotte AI er en generativ og agentisk AI-sikkerhetsanalytiker bygget inn i Falcon-plattformen. - [Cloud Security](https://fmcybersecurity.com/products/crowdstrike/cloud-security.md): Cloud Security beskytter skyarbeidslaster og infrastruktur på tvers av AWS, Azure og Google Cloud. - [Data Protection](https://fmcybersecurity.com/products/crowdstrike/data-protection.md): Data Protection oppdager, klassifiserer og stopper datatyveri i sanntid. - [Endpoint Security](https://fmcybersecurity.com/products/crowdstrike/endpoint-security.md): Endpoint Security beskytter arbeidsstasjoner, servere og mobile enheter fra én lett Falcon-agent. - [Exposure Management](https://fmcybersecurity.com/products/crowdstrike/exposure-management.md): Exposure Management gir risikobasert innsikt på tvers av angrepsflaten fra Falcon-agenten. - [Falcon AI Detection and Response](https://fmcybersecurity.com/products/crowdstrike/falcon-aidr.md): Falcon AI Detection and Response (Falcon AIDR) gir AI-deteksjon og -respons på tvers av endepunkter og sky. - [Falcon Complete Next-Gen MDR (SOC)](https://fmcybersecurity.com/products/crowdstrike/falcon-complete-next-gen-mdr.md): CrowdStrikes flaggskip for administrert deteksjon og respons, driftet døgnet rundt av CrowdStrikes eksperter. - [Falcon for IT](https://fmcybersecurity.com/products/crowdstrike/falcon-for-it.md): Falcon for IT samler sikkerhet og IT-drift på Falcon-plattformen. - [Frontier AI Readiness and Resilience Service](https://fmcybersecurity.com/products/crowdstrike/frontier-ai-readiness-and-resilience.md): En tjeneste som hjelper organisasjoner med å forberede seg på AI-drevne trusler ved å finne og lukke utnyttbare svakheter raskere. - [Identity Protection](https://fmcybersecurity.com/products/crowdstrike/identity-protection.md): Identity Protection stopper identitetsbaserte angrep på tvers av Active Directory og Entra ID. - [Incident Response](https://fmcybersecurity.com/products/crowdstrike/incident-response.md): Rask respons på aktive sikkerhetsbrudd som stanser trusselen, etterforsker og hjelper med å gjenopprette systemer. - [Next-Gen SIEM](https://fmcybersecurity.com/products/crowdstrike/next-gen-siem.md): Next-Gen SIEM er en AI-native plattform for sikkerhetsinformasjon og hendelseshåndtering som moderniserer SOC-en. - [Red Team Services](https://fmcybersecurity.com/products/crowdstrike/red-team-services.md): Realistiske angrepssimuleringer som tester deteksjons- og responsevne med ekte angrepsteknikker. - [Strategic Advisory Services](https://fmcybersecurity.com/products/crowdstrike/strategic-advisory-services.md): Rådgivning som forankrer sikkerhetsarbeidet i forretningsrisiko og setter et tydelig veikart for ledelsen. - [Technical Advisory Services](https://fmcybersecurity.com/products/crowdstrike/technical-advisory-services.md): Praktiske tekniske vurderinger som styrker miljøet med konkrete anbefalinger ingeniører kan handle ut fra. - [Threat Intelligence](https://fmcybersecurity.com/products/crowdstrike/threat-intelligence.md): Threat Intelligence gir sanntidsinnsikt om angripere og metodene de bruker. - [AI Agent Identities](https://fmcybersecurity.com/products/cyberark/agentic-identities.md): Identitetssikkerhet for autonome AI-agenter. - [Certificate Manager](https://fmcybersecurity.com/products/cyberark/certificate-manager.md): Certificate Manager automatiserer livssyklusen til TLS- og maskinsertifikater, med oppdagelse, utstedelse, fornyelse og håndheving av policy. - [Code Sign Manager](https://fmcybersecurity.com/products/cyberark/code-sign-manager.md): Code Sign Manager sikrer nøkler og prosesser for kodesignering, slik at utviklere kan signere kode under virksomhetens kontroller. - [Endpoint Privilege Manager](https://fmcybersecurity.com/products/cyberark/endpoint-privilege-manager.md): Styring av endepunktsprivilegier som fjerner overflødige lokale admin-rettigheter og kontrollerer hvilke applikasjoner som kan kjøre på hver enhet. - [Human Identities](https://fmcybersecurity.com/products/cyberark/human-identities.md): Identitetssikkerhet for menneskene i organisasjonen, fra daglig pålogging til de mest privilegerte kontoene. - [Identity Governance](https://fmcybersecurity.com/products/cyberark/identity-governance.md): Moderne identitetsstyring og -administrasjon som håndterer livssykluser, tilgangsforespørsler og tilgangsgjennomganger på tvers av applikasjoner. - [Machine Identities](https://fmcybersecurity.com/products/cyberark/machine-identities.md): Identitetssikkerhet for maskinene, secrets, sertifikater, nøkler og workloads som driver virksomheten. - [Privileged Access Manager](https://fmcybersecurity.com/products/cyberark/privileged-access-manager.md): Styring av privilegert tilgang som sikrer, roterer og logger de kraftigste kontoene på tvers av lokale, sky- og hybride systemer. - [Secrets Hub](https://fmcybersecurity.com/products/cyberark/secrets-hub.md): Secrets Hub oppdager og styrer hemmeligheter sentralt på tvers av skyhvelv som AWS Secrets Manager og Azure Key Vault. - [Secrets Manager](https://fmcybersecurity.com/products/cyberark/secrets-manager.md): Secrets Manager lagrer, roterer og styrer hemmeligheter og legitimasjon som applikasjoner, skript og CI/CD-løp bruker. - [Secure AI Agents](https://fmcybersecurity.com/products/cyberark/secure-ai-agents.md): Secure AI Agents gir identitetssikkerhet til autonome AI-agenter, med oppdagelse, tilgang uten stående privilegier, trusseldeteksjon og livssyklusstyring. - [Secure Browser](https://fmcybersecurity.com/products/cyberark/secure-browser.md): En identitetssentrert bedriftsnettleser som gir mer sikkerhet og kontroll over hvordan brukere når web- og SaaS-applikasjoner. - [Secure Cloud Access](https://fmcybersecurity.com/products/cyberark/secure-cloud-access.md): Just-in-time-tilgang til skykonsoller og kommandolinjeverktøy uten faste privilegier for utviklere og skyadministratorer. - [SSH Manager](https://fmcybersecurity.com/products/cyberark/ssh-manager.md): SSH Manager oppdager og styrer SSH-nøkler i hele virksomheten for å redusere ustyrte og risikable nøkler. - [Vendor PAM](https://fmcybersecurity.com/products/cyberark/vendor-pam.md): Sikker og overvåket privilegert tilgang for tredjepartsleverandører og eksterne brukere, uten VPN, agenter eller delte passord. - [Workforce Identity](https://fmcybersecurity.com/products/cyberark/workforce-identity.md): Identitets- og tilgangsstyring som gir ansatte trygg og enkel tilgang til forretningsapplikasjonene de bruker hver dag. - [Workload Identity Manager](https://fmcybersecurity.com/products/cyberark/workload-identity-manager.md): Workload Identity Manager utsteder kortlevde identiteter til skybaserte arbeidslaster med den åpne SPIFFE-standarden. - [AI Exposure](https://fmcybersecurity.com/products/tenable/ai-exposure.md): AI Exposure sikrer hvordan en organisasjon bruker AI ved å oppdage AI-plattformer, finne AI-relatert risiko og hjelpe med å styre den risikoen. - [Attack Surface Management](https://fmcybersecurity.com/products/tenable/attack-surface-management.md): Attack Surface Management oppdager løpende internettvendte enheter og tjenester slik at ukjente sårbarheter blir synlige. - [Cloud Security](https://fmcybersecurity.com/products/tenable/cloud-security.md): Cloud Security beskytter skybaserte applikasjoner på tvers av AWS, Azure og Google Cloud ved å finne feilkonfigurasjoner, risikable tilganger og sårbarheter i arbeidslaster. - [Connectors](https://fmcybersecurity.com/products/tenable/connectors.md): Connectors henter data fra tredjeparts sikkerhets- og IT-verktøy inn i Tenable One for ett samlet sårbarhetsbilde. - [Hexa AI](https://fmcybersecurity.com/products/tenable/hexa-ai.md): Hexa AI er den agentiske AI-motoren i Tenable One som orkestrerer og automatiserer sikkerhetsarbeidsflyter og gjør sårbarhetsdata om til handling. - [Identity Exposure](https://fmcybersecurity.com/products/tenable/identity-exposure.md): Identity Exposure finner risikable feilkonfigurasjoner og angrepsveier i Active Directory og Entra ID og hjelper med å lukke veiene angripere bruker til sideveis bevegelse. - [OT Security](https://fmcybersecurity.com/products/tenable/ot-security.md): OT Security gir innsikt og sårbarhetshåndtering for operasjonell teknologi og industrielle styringssystemer. - [Patch Management](https://fmcybersecurity.com/products/tenable/patch-management.md): Patch Management automatiserer utbedring ved å koble sårbarheter til riktige oppdateringer og bruke rettelser med policybaserte rammer. - [Vulnerability Management](https://fmcybersecurity.com/products/tenable/vulnerability-management.md): Vulnerability Management oppdager og vurderer sårbarheter på tvers av IT-enheter og prioriterer dem etter risiko slik at team retter de viktigste først. - [Web App Scanning](https://fmcybersecurity.com/products/tenable/web-app-scanning.md): Web App Scanning gir dynamisk applikasjonssikkerhetstesting som automatisk skanner kjørende webapplikasjoner og API-er for sårbarheter. ## Partners - [CrowdStrike partner page](https://fmcybersecurity.com/en/partners/crowdstrike.md): Certified partner; Falcon Complete Next-Gen MDR and Falcon AIDR as the core delivery model. - [CrowdStrike partnerside](https://fmcybersecurity.com/partners/crowdstrike.md): Sertifisert partner; Falcon Complete Next-Gen MDR og Falcon AIDR som kjerneleveranse. - [Aikido partner page](https://fmcybersecurity.com/en/partners/aikido.md): Certified partner; AI Pentest as the delivery model for testing. - [Aikido partnerside](https://fmcybersecurity.com/partners/aikido.md): Sertifisert partner; AI Pentest som leveransemodell for testing. - [Tenable partner page](https://fmcybersecurity.com/en/partners/tenable.md): Certified partner; exposure-management practice across cloud, endpoint and OT. - [Tenable partnerside](https://fmcybersecurity.com/partners/tenable.md): Sertifisert partner; sårbarhetshåndtering på tvers av sky, endepunkt og OT. - [Idira (CyberArk) partner page](https://fmcybersecurity.com/en/partners/cyberark.md): Certified partner; PAM-focused identity practice. - [Idira (CyberArk) partnerside](https://fmcybersecurity.com/partners/cyberark.md): Sertifisert partner; PAM-fokusert identitetspraksis. ## Insight indexes - [Insights](https://fmcybersecurity.com/en/insights.md): Strategic perspective, operational guides, and webinars from the FM CyberSecurity team. - [Innsikt](https://fmcybersecurity.com/insights.md): Strategisk perspektiv, operative guider og webinarer fra FM CyberSecurity-teamet. - [All articles](https://fmcybersecurity.com/en/insights/all.md): The full archive of articles, guides, news, reports, and press mentions from FM CyberSecurity. - [Alle artikler](https://fmcybersecurity.com/insights/all.md): Hele arkivet med artikler, guider, nyheter, rapporter og presseomtaler fra FM CyberSecurity. - [News](https://fmcybersecurity.com/en/insights/news.md): Latest news and announcements from FM CyberSecurity. - [Nyheter](https://fmcybersecurity.com/insights/news.md): Siste nytt og oppdateringer fra FM CyberSecurity. - [Events](https://fmcybersecurity.com/en/insights/events.md): Upcoming and past events, webinars, and live sessions. - [Arrangementer](https://fmcybersecurity.com/insights/events.md): Kommende og tidligere arrangementer, webinarer og live-sesjoner. - [Tracked attacks](https://fmcybersecurity.com/en/insights/attacks.md): Cybersecurity incidents affecting Norwegian organisations, with sourced summaries. - [Registrerte angrep](https://fmcybersecurity.com/insights/attacks.md): Cyberhendelser mot norske organisasjoner med kildebaserte sammendrag. - [Press](https://fmcybersecurity.com/en/insights/press.md): FM CyberSecurity and our consultants in the press — op-eds, interviews, and founder profiles in Norwegian media. - [Presse](https://fmcybersecurity.com/insights/press.md): FM CyberSecurity og våre konsulenter i mediene — kronikker, intervjuer og gründerprofiler i norske medier. - [Cyber Dictionary](https://fmcybersecurity.com/en/insights/dictionary.md): A reference for the terms, acronyms, and frameworks we use every day in security work — from MDR to NIS2. - [Cyberordbok](https://fmcybersecurity.com/insights/dictionary.md): En oppslagsbok over begreper, akronymer og rammeverk vi bruker daglig i sikkerhetsarbeidet — fra MDR til NIS2. - [Patch Tuesday](https://fmcybersecurity.com/en/insights/series/patch-tuesday.md): Monthly analysis of Microsoft's security updates: what to patch first and why. - [Patch Tuesday](https://fmcybersecurity.com/insights/series/patch-tuesday.md): Månedlig gjennomgang av Microsofts sikkerhetsoppdateringer: hva som må patches først og hvorfor. - [Vulnerability News](https://fmcybersecurity.com/en/insights/vulnerabilities.md): Short, curated security news: new vulnerabilities, exploited zero days, and patches across the products Nordic organisations run. - [Sårbarhetsnyheter](https://fmcybersecurity.com/insights/vulnerabilities.md): Korte, kuraterte sikkerhetsnyheter: nye sårbarheter, utnyttede nulldager og patcher for produktene nordiske virksomheter bruker. - [Browse insights by topic](https://fmcybersecurity.com/en/insights/topics.md): Pick a topic to see every article, guide, and update from the FM CyberSecurity team in that area. - [Bla i innsikter etter tema](https://fmcybersecurity.com/insights/topics.md): Velg et tema for å se alle artikler, guider og oppdateringer fra FM CyberSecurity-teamet på det området. - [Strategy](https://fmcybersecurity.com/en/insights/strategy.md): Articles, guides and news on Strategy. - [Strategi](https://fmcybersecurity.com/insights/strategy.md): Artikler, guider og nyheter om Strategi. - [Compliance](https://fmcybersecurity.com/en/insights/compliance.md): Articles, guides and news on Compliance. - [Compliance](https://fmcybersecurity.com/insights/compliance.md): Artikler, guider og nyheter om Compliance. - [Endpoint Security](https://fmcybersecurity.com/en/insights/endpoint.md): Articles, guides and news on Endpoint Security. - [Endepunktssikkerhet](https://fmcybersecurity.com/insights/endpoint.md): Artikler, guider og nyheter om Endepunktssikkerhet. - [Identity Security](https://fmcybersecurity.com/en/insights/identity.md): Articles, guides and news on Identity Security. - [Identitetssikkerhet](https://fmcybersecurity.com/insights/identity.md): Artikler, guider og nyheter om Identitetssikkerhet. - [Cloud Security](https://fmcybersecurity.com/en/insights/cloud.md): Articles, guides and news on Cloud Security. - [Skysikkerhet](https://fmcybersecurity.com/insights/cloud.md): Artikler, guider og nyheter om Skysikkerhet. - [Exposure Management](https://fmcybersecurity.com/en/insights/exposure.md): Articles, guides and news on Exposure Management. - [Sårbarhetshåndtering](https://fmcybersecurity.com/insights/exposure.md): Artikler, guider og nyheter om Sårbarhetshåndtering. - [Application Security](https://fmcybersecurity.com/en/insights/appsec.md): Articles, guides and news on Application Security. - [Applikasjonssikkerhet](https://fmcybersecurity.com/insights/appsec.md): Artikler, guider og nyheter om Applikasjonssikkerhet. - [AI Security](https://fmcybersecurity.com/en/insights/ai-security.md): Articles, guides and news on AI Security. - [AI-sikkerhet](https://fmcybersecurity.com/insights/ai-security.md): Artikler, guider og nyheter om AI-sikkerhet. - [Industry](https://fmcybersecurity.com/en/insights/industry.md): Articles, guides and news on Industry. - [Bransje](https://fmcybersecurity.com/insights/industry.md): Artikler, guider og nyheter om Bransje. - [ServiceNow vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/servicenow.md): Curated vulnerability news about ServiceNow from FM CyberSecurity. - [Sårbarhetsnyheter om ServiceNow](https://fmcybersecurity.com/insights/vulnerabilities/servicenow.md): Kuraterte sårbarhetsnyheter om ServiceNow fra FM CyberSecurity. - [Microsoft vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/microsoft.md): Curated vulnerability news about Microsoft from FM CyberSecurity. - [Sårbarhetsnyheter om Microsoft](https://fmcybersecurity.com/insights/vulnerabilities/microsoft.md): Kuraterte sårbarhetsnyheter om Microsoft fra FM CyberSecurity. - [Windows vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/windows.md): Curated vulnerability news about Windows from FM CyberSecurity. - [Sårbarhetsnyheter om Windows](https://fmcybersecurity.com/insights/vulnerabilities/windows.md): Kuraterte sårbarhetsnyheter om Windows fra FM CyberSecurity. - [Apple vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/apple.md): Curated vulnerability news about Apple from FM CyberSecurity. - [Sårbarhetsnyheter om Apple](https://fmcybersecurity.com/insights/vulnerabilities/apple.md): Kuraterte sårbarhetsnyheter om Apple fra FM CyberSecurity. - [Google vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/google.md): Curated vulnerability news about Google from FM CyberSecurity. - [Sårbarhetsnyheter om Google](https://fmcybersecurity.com/insights/vulnerabilities/google.md): Kuraterte sårbarhetsnyheter om Google fra FM CyberSecurity. - [Firefox vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/firefox.md): Curated vulnerability news about Firefox from FM CyberSecurity. - [Sårbarhetsnyheter om Firefox](https://fmcybersecurity.com/insights/vulnerabilities/firefox.md): Kuraterte sårbarhetsnyheter om Firefox fra FM CyberSecurity. - [npm vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/npm.md): Curated vulnerability news about npm from FM CyberSecurity. - [Sårbarhetsnyheter om npm](https://fmcybersecurity.com/insights/vulnerabilities/npm.md): Kuraterte sårbarhetsnyheter om npm fra FM CyberSecurity. - [GitHub vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/github.md): Curated vulnerability news about GitHub from FM CyberSecurity. - [Sårbarhetsnyheter om GitHub](https://fmcybersecurity.com/insights/vulnerabilities/github.md): Kuraterte sårbarhetsnyheter om GitHub fra FM CyberSecurity. - [Ivanti vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/ivanti.md): Curated vulnerability news about Ivanti from FM CyberSecurity. - [Sårbarhetsnyheter om Ivanti](https://fmcybersecurity.com/insights/vulnerabilities/ivanti.md): Kuraterte sårbarhetsnyheter om Ivanti fra FM CyberSecurity. - [Aikido vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/aikido.md): Curated vulnerability news about Aikido from FM CyberSecurity. - [Sårbarhetsnyheter om Aikido](https://fmcybersecurity.com/insights/vulnerabilities/aikido.md): Kuraterte sårbarhetsnyheter om Aikido fra FM CyberSecurity. - [CrowdStrike vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/crowdstrike.md): Curated vulnerability news about CrowdStrike from FM CyberSecurity. - [Sårbarhetsnyheter om CrowdStrike](https://fmcybersecurity.com/insights/vulnerabilities/crowdstrike.md): Kuraterte sårbarhetsnyheter om CrowdStrike fra FM CyberSecurity. - [Tenable vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/tenable.md): Curated vulnerability news about Tenable from FM CyberSecurity. - [Sårbarhetsnyheter om Tenable](https://fmcybersecurity.com/insights/vulnerabilities/tenable.md): Kuraterte sårbarhetsnyheter om Tenable fra FM CyberSecurity. - [Claude vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/claude.md): Curated vulnerability news about Claude from FM CyberSecurity. - [Sårbarhetsnyheter om Claude](https://fmcybersecurity.com/insights/vulnerabilities/claude.md): Kuraterte sårbarhetsnyheter om Claude fra FM CyberSecurity. - [AI vulnerability news](https://fmcybersecurity.com/en/insights/vulnerabilities/ai.md): Curated vulnerability news about AI from FM CyberSecurity. - [Sårbarhetsnyheter om AI](https://fmcybersecurity.com/insights/vulnerabilities/ai.md): Kuraterte sårbarhetsnyheter om AI fra FM CyberSecurity. ## Insight articles (English) - [FM Cyber Breakfast: CrowdStrike](https://fmcybersecurity.com/en/insights/ai-security/fm-cyber-breakfast-crowdstrike-2026-08.md): Live demos from the console: an agentic SOC, reports with Claude, our own SOC-Cockpit, and AI visibility. MESH Youngstorget, 20 August, 08:30 to 10:00. - [What the EU Cyber Resilience Act is, and who it covers](https://fmcybersecurity.com/en/insights/compliance/what-the-eu-cyber-resilience-act-is.md): The CRA is an EU law that ties cybersecurity rules to CE marking, so a product with digital elements cannot enter the EU market without it. - [What CISSP certification means when picking a cybersecurity consultant](https://fmcybersecurity.com/en/insights/strategy/what-cissp-means-when-picking-a-consultant.md): CISSP signals broad security judgment and a five-year experience bar, but it does not promise hands-on depth in any single tool you buy. - [What ISO 27001 Lead Implementer certification means for your project](https://fmcybersecurity.com/en/insights/compliance/what-iso-27001-lead-implementer-means-for-your-project.md): An ISO 27001 Lead Implementer builds your ISMS; a Lead Auditor checks it. Hire the wrong role and your certification project stalls. - [Which regulations require recurring pentests, and how to deliver them without manual work](https://fmcybersecurity.com/en/insights/appsec/which-regulations-require-recurring-pentests.md): Five frameworks tell Norwegian SMBs to test security regularly. Only one mandates a human red team, and most teams overpay for the rest. - [How we pentest apps as part of ISO 27001 work](https://fmcybersecurity.com/en/insights/appsec/how-we-pentest-apps-for-iso-27001.md): How FM CyberSecurity produces ISO 27001-defensible app pentest evidence through Aikido AI Pentest, without a manual pentest engagement, mapped to Annex A 8.29. - [How to get a free Tenable One tenant from us](https://fmcybersecurity.com/en/insights/exposure/how-to-get-a-free-tenable-one-tenant.md): How to get a free trial Tenable One tenant from FM CyberSecurity, scan your own infrastructure, and walk away with a written readout you can act on. - [How to claim a free identity check via CrowdStrike](https://fmcybersecurity.com/en/insights/identity/how-to-claim-a-free-crowdstrike-identity-check.md): A free CrowdStrike Falcon Identity Protection trial that shows your exposed, stale, and over-privileged accounts before you commit to anything. - [Talk to the chief architect behind one of the world's largest CyberArk deployments](https://fmcybersecurity.com/en/insights/identity/talk-to-the-cyberark-chief-architect.md): When you buy privileged access management, you should talk to the practitioner who has run CyberArk at the largest scale, not a reseller. - [How we run the first vulnerability assessment in Tenable One](https://fmcybersecurity.com/en/insights/exposure/first-vulnerability-assessment-in-tenable-one.md): A two-week, day-by-day walkthrough of the first vulnerability assessment FM CyberSecurity runs on Tenable One for a new Norwegian SMB customer. - [How we run the vulnerability program for new customers in Tenable One](https://fmcybersecurity.com/en/insights/exposure/how-we-run-the-vulnerability-program-in-tenable-one.md): The weekly, monthly, and quarterly cadence FM CyberSecurity runs on Tenable One for Norwegian SMB customers, with the people, the meetings, and the evidence trail. - [Exposure management vs vulnerability management, why the terms are not the same](https://fmcybersecurity.com/en/insights/exposure/exposure-management-vs-vulnerability-management.md): Vulnerability management tells you what is broken. Exposure management tells you what can hurt the contract you just signed. - [FM CyberSecurity at Arrow ECS Summer Cloud Festival 2026](https://fmcybersecurity.com/en/insights/industry/fm-at-arrow-ecs-summer-cloud-festival-2026.md): Four of us on the floor at Arrow ECS Norway's Summer Cloud Festival in Oslo. A big thanks to the Arrow crew for a great event. - [Nessus, Tenable Vulnerability Management, or Tenable One, which fits your business](https://fmcybersecurity.com/en/insights/exposure/nessus-vs-tenable-vulnerability-management-vs-tenable-one.md): A plain-English decision guide for Norwegian SMBs choosing between Nessus, Tenable Vulnerability Management, and Tenable One. - [Tenable visits FM CyberSecurity, and a lap on Silverstone](https://fmcybersecurity.com/en/insights/exposure/tenable-visit-and-sim-race-may-2026.md): Tenable came by our Oslo office this week. Guy March took the sim for a lap on Silverstone and clocked 1:36.052. - [What Nessus is, and where it fits in the Tenable portfolio](https://fmcybersecurity.com/en/insights/exposure/what-nessus-is-in-the-tenable-portfolio.md): A plain-English guide to Nessus, the Tenable scanner, including the current SKUs and how it relates to Tenable Vulnerability Management and Tenable One. - [Fredrik Standahl in Digi.no on shadow AI in Norway](https://fmcybersecurity.com/en/insights/ai-security/fredrik-standahl-in-digi-on-shadow-ai-in-norway.md): Digi.no published a Fredrik Standahl op-ed on treating AI as critical infrastructure and the Lovable breach as a warning sign. - [Fredrik Standahl in E24 on shadow AI in Norway](https://fmcybersecurity.com/en/insights/ai-security/fredrik-standahl-in-e24-on-shadow-ai-in-norway.md): E24 published a Fredrik Standahl op-ed on shadow AI in Norwegian workplaces and the data exposure pattern behind it. - [How we handle Shadow AI with Falcon AIDR](https://fmcybersecurity.com/en/insights/ai-security/how-we-handle-shadow-ai-with-falcon-aidr.md): A six-step FM CyberSecurity engagement that takes a Norwegian SMB from no Shadow AI visibility to a written policy and Falcon AIDR detection rules in one quarter. - [What Shadow AI is, and why Norwegian SMBs struggle to see it](https://fmcybersecurity.com/en/insights/ai-security/what-shadow-ai-is-and-why-smbs-cannot-see-it.md): Shadow AI is unsanctioned AI use on company data. Norwegian SMBs miss it because policy without detection is faith, and usage moves to personal devices. - [What a SOC is, and when you need your own](https://fmcybersecurity.com/en/insights/endpoint/what-a-soc-is-and-when-you-need-your-own.md): A plain-English guide to what a Security Operations Centre really does, what one costs to run, and why most Norwegian SMBs should rent rather than build. - [What SIEM is, and when an SMB needs one](https://fmcybersecurity.com/en/insights/endpoint/what-siem-is-and-when-smbs-need-one.md): Most Norwegian SMBs do not need a standalone SIEM. Here is when you do, when your EDR already covers it, and what to do next. - [EDR and antivirus, what the difference is, and what you need](https://fmcybersecurity.com/en/insights/endpoint/edr-and-antivirus-what-the-difference-is.md): Antivirus names a known bad file. EDR shows what the attacker did next. Against modern attacks you need the second answer. - [Microsoft Patch Tuesday May 2026: what to patch first](https://fmcybersecurity.com/en/insights/exposure/microsoft-patch-tuesday-may-2026.md): May 2026 ships 137 CVEs and no zero-days. Domain controllers go first for Netlogon and DNS Client RCEs, both CVSS 9.8 and unauthenticated. - [How we publish to our website with no admin login](https://fmcybersecurity.com/en/insights/strategy/how-we-publish-to-our-website-with-no-admin-login.md): FM CyberSecurity publishes through a Cloudflare Workers MCP server, gated by Microsoft Entra. No admin login, no user table, no CMS, no /forgot-password page. - [What CrowdStrike Falcon is, the platform behind modern MDR](https://fmcybersecurity.com/en/insights/endpoint/what-crowdstrike-falcon-is-the-platform-behind-modern-mdr.md): CrowdStrike Falcon is one lightweight agent and a cloud console that together replace a rack of separate endpoint security tools. - [From compliance burden to competitive advantage](https://fmcybersecurity.com/en/insights/compliance/from-compliance-burden-to-competitive-advantage.md): How leadership teams move from compliance uncertainty to documented control, evidence that holds up under investor, customer, or regulatory due diligence. - [SOC 2 compliance for Norwegian SMBs selling into the US](https://fmcybersecurity.com/en/insights/compliance/soc-2-compliance-for-norwegian-smbs-selling-to-us.md): SOC 2 can win you a US deal or burn six figures you did not need. Here is how to tell which, and how it fits ISO 27001. - [What SOC 2 Type 2 is, and why US customers ask for it](https://fmcybersecurity.com/en/insights/compliance/what-soc-2-type-2-is-and-why-us-customers-ask.md): A US prospect asks for your SOC 2 Type 2 report, you do not have one, and the deal stalls. Here is what it is and the decision it forces. - [What Norway's Digital Security Act is, and how it relates to NIS2](https://fmcybersecurity.com/en/insights/compliance/what-norways-digital-security-act-is.md): If Norway counts your firm as critical, you have had legal digital-security duties since October 2025, and most boards have not noticed. - [What ISO 27001 is, and why you lose tenders without it](https://fmcybersecurity.com/en/insights/compliance/what-iso-27001-is-and-why-tenders-require-it.md): Buyers increasingly require ISO 27001 certification to even let you bid, so missing it quietly drops you from shortlists you would have won. - [ISO 27001 checklist for Norwegian SMBs](https://fmcybersecurity.com/en/insights/compliance/iso-27001-checklist-for-norwegian-smbs.md): A practical ISO 27001 checklist that takes a Norwegian small or mid-size business from "we should get certified" to a Stage 2 audit. - [DORA checklist for Norwegian financial firms](https://fmcybersecurity.com/en/insights/compliance/dora-checklist-for-norwegian-financial-firms.md): A ten-step DORA checklist for Norwegian banks, insurers, payment firms and asset managers, with Finanstilsynet deadlines and what to do this quarter. - [NIS2 checklist for Norwegian SMB leaders](https://fmcybersecurity.com/en/insights/compliance/nis2-checklist-for-norwegian-smb-leaders.md): A leader-facing NIS2 checklist for Norwegian SMBs, the scope self-test, who owns what, the reporting clock, what to budget, and the board questions to ask. - [What NIS2 is, and which Norwegian businesses fall under it](https://fmcybersecurity.com/en/insights/compliance/what-nis2-is-and-who-it-covers-in-norway.md): NIS2 obligations flow down through contracts, so you can be asked to prove security maturity even before the rule reaches Norwegian law. - [Why Aikido is our only pentest provider](https://fmcybersecurity.com/en/insights/appsec/why-aikido-is-our-only-pentest-provider.md): We deliver every pentest through Aikido AI Pentest because the annual manual report lands in a drawer and the application ships again the next week. - [Why we picked Tenable for exposure management](https://fmcybersecurity.com/en/insights/exposure/why-we-picked-tenable-for-exposure-management.md): We standardised on Tenable because boards buy one map of business risk, not a longer list of CVEs no one has time to read. - [Why we picked CrowdStrike Falcon for modern MDR](https://fmcybersecurity.com/en/insights/endpoint/why-we-picked-crowdstrike-falcon-for-modern-mdr.md): We run client MDR on CrowdStrike Falcon because the platform does the detection and response work a small security team cannot cover alone. - [How Nordic SMBs prepare for NIS2](https://fmcybersecurity.com/en/insights/compliance/nis2-prep.md): Practical compliance steps for the new EU directive, what to do this quarter, and what can wait. - [Charlotte AI: what does agentic SOC mean for you?](https://fmcybersecurity.com/en/insights/strategy/charlotte-ai-soc.md): A look at how CrowdStrike's agentic SOC changes the economics of 24/7 monitoring for SMBs. - [Fredrik Standahl in Shifter on startup AI security](https://fmcybersecurity.com/en/insights/ai-security/fredrik-standahl-in-shifter-on-startup-ai-security.md): Shifter published a Fredrik Standahl commentary on the security failures common in AI-driven startup development. - [Microsoft Patch Tuesday April 2026: what to patch first](https://fmcybersecurity.com/en/insights/exposure/microsoft-patch-tuesday-april-2026.md): April 2026 ships 163 CVEs, two zero-days, eight Criticals. A SharePoint spoofing flaw is already exploited, and a CVSS 9.8 unauthenticated Windows IKE RCE goes in the same first wave. - [FM CyberSecurity in VG, cybersecurity is booming](https://fmcybersecurity.com/en/insights/strategy/fm-cybersecurity-in-vg-dine-penger.md): VG Dine Penger interviewed Fredrik Standahl on starting a cybersecurity firm in Norway and the niche's hiring boom. - [FM CyberSecurity in Norwegian Cybersecurity Cluster](https://fmcybersecurity.com/en/insights/strategy/fm-cybersecurity-in-norwegian-cybersecurity-cluster.md): Norwegian Cybersecurity Cluster profiled FM CyberSecurity's founders and our first months building the firm in Oslo. ## Insight articles (Norwegian) - [FM Cyber Breakfast: CrowdStrike](https://fmcybersecurity.com/insights/ai-security/fm-cyber-breakfast-crowdstrike-2026-08.md): Live demoer fra konsollen: agentisk SOC, rapporter med Claude, vår egen SOC-Cockpit, og AI-synlighet. MESH Youngstorget, 20. august, 08:30 til 10:00. - [Hva EUs Cyber Resilience Act er, og hvem den omfatter](https://fmcybersecurity.com/insights/compliance/hva-er-eu-cyber-resilience-act.md): CRA er en EU-lov som knytter cybersikkerhetskrav til CE-merket, så et produkt med digitale elementer ikke kan selges i EU uten å oppfylle dem. - [Hva CISSP betyr når du velger cybersikkerhetskonsulent](https://fmcybersecurity.com/insights/strategy/cissp-i-konsulentvalget.md): CISSP viser bred sikkerhetsvurdering og minst fem års erfaring, men sier ingenting om hvor dyp konsulenten er i akkurat det verktøyet du kjøper. - [Hva ISO 27001 Lead Implementer-sertifisering betyr for prosjektet ditt](https://fmcybersecurity.com/insights/compliance/iso-27001-lead-implementer.md): En Lead Implementer bygger styringssystemet deres, en Lead Auditor reviderer det. Ansetter dere feil rolle, stopper sertifiseringsprosjektet opp. - [Hvilke regelverk krever regelmessig pentest, og hvordan dere løser det uten manuelt arbeid](https://fmcybersecurity.com/insights/appsec/regelverk-som-krever-regelmessig-pentest.md): Fem regelverk pålegger norske SMB-er regelmessig sikkerhetstesting. Bare ett krever et manuelt red team, og de fleste betaler for mye for resten. - [Slik pentester vi apper som del av ISO 27001-arbeidet](https://fmcybersecurity.com/insights/appsec/pentest-som-del-av-iso-27001.md): Slik produserer FM CyberSecurity ISO 27001-holdbar pentest-dokumentasjon gjennom Aikido AI Pentest, uten manuell pentest, koblet til vedlegg A 8.29. - [Slik får du en gratis Tenable One-tenant fra oss](https://fmcybersecurity.com/insights/exposure/gratis-tenable-one-tenant.md): Slik får du en gratis prøve-tenant av Tenable One fra FM CyberSecurity, skanner din egen infrastruktur, og sitter igjen med en skriftlig overlevering du kan handle på. - [Slik får du en gratis identitetssjekk via CrowdStrike](https://fmcybersecurity.com/insights/identity/gratis-identitetssjekk-via-crowdstrike.md): En gratis prøve av CrowdStrike Falcon Identity Protection som viser eksponerte, ubrukte og overprivilegerte kontoer før du binder deg til noe. - [Snakk direkte med sjefsarkitekten bak en av verdens største CyberArk-løsninger](https://fmcybersecurity.com/insights/identity/snakk-med-cyberark-chief-architect.md): Når du kjøper privilegert tilgangsstyring, bør du få snakke med den som har kjørt CyberArk i størst skala, ikke en forhandler med et datablad. - [Slik kjører vi første sårbarhetsanalyse i Tenable One](https://fmcybersecurity.com/insights/exposure/forste-sarbarhetsanalyse-i-tenable-one.md): To uker, dag for dag, fra avgrensningssamtale til forsvarlig baseline i Tenable One hos en ny norsk SMB-kunde. - [Slik kjører vi sårbarhetsprogrammet for nye kunder i Tenable One](https://fmcybersecurity.com/insights/exposure/sarbarhetsprogrammet-i-tenable-one.md): Ukentlig, månedlig og kvartalsvis rytme FM CyberSecurity kjører på Tenable One for norske SMB-kunder, med folkene, møtene og bevissporet. - [Exposure management og sårbarhetshåndtering, hvorfor begrepene ikke er det samme](https://fmcybersecurity.com/insights/exposure/exposure-og-sarbarhetshandtering.md): Sårbarhetshåndtering forteller hva som er ødelagt. Exposure management forteller hva som kan ramme kontrakten dere nettopp signerte. - [FM CyberSecurity på Arrow ECS Summer Cloud Festival 2026](https://fmcybersecurity.com/insights/industry/fm-paa-arrow-ecs-summer-cloud-festival-2026.md): FM CyberSecurity stilte med fire mann på Arrow ECS Norways Summer Cloud Festival i Oslo. Stor takk til Arrow-gjengen for et flott event. - [Nessus, Tenable Vulnerability Management eller Tenable One, hva passer virksomheten din](https://fmcybersecurity.com/insights/exposure/nessus-vs-tenable-vm-vs-tenable-one.md): Beslutningsguide for norske SMB-er som velger mellom Nessus, Tenable Vulnerability Management og Tenable One, skrevet i klartekst. - [Tenable på besøk hos FM CyberSecurity, og en runde på Silverstone](https://fmcybersecurity.com/insights/exposure/tenable-paa-besoek-og-simrace-mai-2026.md): Tenable var innom kontoret vårt denne uken. Guy March tok simulatoren for en runde på Silverstone og klokket 1:36.052. - [Hva er Nessus, og hvor passer den inn i Tenable-porteføljen](https://fmcybersecurity.com/insights/exposure/hva-er-nessus.md): En kort innføring i Nessus, sårbarhetsskanneren fra Tenable, med gjeldende SKU-er og forholdet til Tenable Vulnerability Management og Tenable One. - [Fredrik Standahl i Digi.no om skygge-KI i Norge](https://fmcybersecurity.com/insights/ai-security/fredrik-standahl-i-digi-om-skygge-ki-i-norge.md): Digi.no publiserte et debattinnlegg fra Fredrik Standahl om å betrakte KI som kritisk infrastruktur og Lovable-bruddet som varselsignal. - [Fredrik Standahl i E24 om skygge-KI i Norge](https://fmcybersecurity.com/insights/ai-security/fredrik-standahl-i-e24-om-skygge-ki-i-norge.md): E24 publiserte en kronikk fra Fredrik Standahl om skygge-KI på norske arbeidsplasser og dataeksponeringen som følger med. - [Slik håndterer vi Shadow AI med Falcon AIDR](https://fmcybersecurity.com/insights/ai-security/hvordan-vi-loser-shadow-ai-med-falcon-aidr.md): Et FM CyberSecurity-oppdrag på seks steg som tar et norsk SMB fra null innsyn i Shadow AI til skriftlig policy og Falcon AIDR-deteksjonsregler, på ett kvartal. - [Hva er Shadow AI, og hvorfor norske SMB-er sliter med å se det](https://fmcybersecurity.com/insights/ai-security/hva-er-shadow-ai.md): Shadow AI er usanksjonert AI-bruk på bedriftsdata. Policy uten deteksjon er tro, og forbudet flytter bare bruken over på private enheter. - [Hva er et SOC, og når virksomheten din trenger et eget](https://fmcybersecurity.com/insights/endpoint/hva-er-et-soc.md): En klar gjennomgang av hva et sikkerhetsoperasjonssenter gjør, hva det koster å drifte, og hvorfor de fleste norske SMB-er bør leie i stedet for å bygge. - [Hva er SIEM, og når SMB-en din trenger en](https://fmcybersecurity.com/insights/endpoint/hva-er-siem.md): De fleste norske SMB-er trenger ikke et eget SIEM. Her er når dere trenger ett, når EDR-en allerede dekker det, og hva dere gjør videre. - [EDR og antivirus, hva forskjellen er, og hva virksomheten din trenger](https://fmcybersecurity.com/insights/endpoint/edr-og-antivirus.md): Antivirus melder fra om en kjent ond fil. EDR viser hva angriperen gjorde videre. Mot moderne angrep trenger du det andre svaret. - [Microsoft Patch Tuesday mai 2026: hva må fikses først](https://fmcybersecurity.com/insights/exposure/microsoft-patch-tuesday-mai-2026.md): Mai 2026 leverer 137 CVE-er og ingen zero-days. Patch domenekontrollerne først for RCE-er i Netlogon og DNS, begge CVSS 9.8 og uautentiserte. - [Hva er CrowdStrike Falcon, plattformen som driver moderne MDR](https://fmcybersecurity.com/insights/endpoint/hva-er-crowdstrike-falcon-plattformen.md): CrowdStrike Falcon er én lett agent og en skykonsoll som sammen erstatter en hel rad med separate sikkerhetsverktøy på endepunktet. - [Slik publiserer vi til nettsiden uten admin-innlogging](https://fmcybersecurity.com/insights/strategy/slik-publiserer-vi-til-nettsiden-uten-admin-innlogging.md): FM CyberSecurity publiserer gjennom en Cloudflare Workers MCP-server, sluset gjennom Microsoft Entra. Ingen admin-innlogging, ingen brukertabell, ingen CMS, ingen /forgot-password-side. - [SOC 2 compliance for norske SMB-er som selger til USA](https://fmcybersecurity.com/insights/compliance/soc-2-for-norske-smb-som-selger-til-usa.md): SOC 2 kan vinne dere en amerikansk avtale, eller koste seks sifre dere ikke trengte. Slik ser dere forskjellen, og slik passer det med ISO 27001. - [Hva er SOC 2 Type 2, og hvorfor amerikanske kunder spør om den](https://fmcybersecurity.com/insights/compliance/hva-er-soc-2-type-2.md): En amerikansk kunde ber om SOC 2 Type 2-rapporten dere ikke har, og avtalen stopper. Her er hva den er, og beslutningen styret må ta. - [Hva er digitalsikkerhetsloven, og hvordan den henger sammen med NIS2](https://fmcybersecurity.com/insights/compliance/hva-er-digitalsikkerhetsloven.md): Regner Norge foretaket deres som samfunnsviktig, har dere hatt lovpålagte sikkerhetsplikter siden 1. oktober 2025. De fleste styrer har ikke hørt om loven. - [Hva er ISO 27001, og hvorfor du taper anbud uten den](https://fmcybersecurity.com/insights/compliance/hva-er-iso-27001.md): Stadig flere kjøpere krever ISO 27001-sertifisering for at dere skal få lov til å by. Uten den faller dere stille ut av anbud dere kunne ha vunnet. - [ISO 27001-sjekkliste for norske SMB-er](https://fmcybersecurity.com/insights/compliance/iso-27001-sjekkliste-for-smb.md): En praktisk sjekkliste som tar et norsk SMB-foretak fra "vi burde bli sertifisert" til en bestått trinn 2-revisjon. - [DORA-sjekkliste for norske finansforetak](https://fmcybersecurity.com/insights/compliance/dora-sjekkliste-for-finansforetak.md): Ti steg som tar et norsk finansforetak fra "vi har lest om DORA" til "vi kan svare Finanstilsynet", på ett kvartal. - [NIS2-sjekkliste for norske SMB-ledere](https://fmcybersecurity.com/insights/compliance/nis2-sjekkliste-for-smb-ledere.md): NIS2-sjekkliste for norske SMB-ledere, med omfangstesten, hvem som er ansvarlig for hva, rapporteringsfristene, hva dere bør budsjettere, og spørsmålene styret må svare på. - [Hva er NIS2, og hvilke norske virksomheter er omfattet](https://fmcybersecurity.com/insights/compliance/hva-er-nis2.md): NIS2-kravene følger kontraktene nedover, så dere kan bli bedt om å vise sikkerhetsmodenhet før regelen i det hele tatt er norsk lov. - [Hvorfor vi valgte Aikido som vår eneste pentest-leverandør](https://fmcybersecurity.com/insights/appsec/hvorfor-vi-valgte-aikido.md): Vi kjører hver pentest gjennom Aikido AI Pentest, fordi den årlige manuelle rapporten havner i en skuff mens applikasjonen ruller ut igjen uken etter. - [Hvorfor vi valgte Tenable for sårbarhetshåndtering](https://fmcybersecurity.com/insights/exposure/hvorfor-vi-valgte-tenable.md): Vi standardiserte på Tenable fordi styret kjøper ett risikobilde knyttet til kontraktene, ikke nok en CVE-liste ingen rekker å lese. - [Hvorfor vi valgte CrowdStrike Falcon for moderne MDR](https://fmcybersecurity.com/insights/endpoint/hvorfor-vi-valgte-crowdstrike-falcon.md): Vi kjører kunde-MDR på CrowdStrike Falcon fordi plattformen gjør deteksjons- og responsarbeidet et lite sikkerhetsteam ikke rekker alene. - [Slik forbereder norske SMB-er seg på NIS2](https://fmcybersecurity.com/insights/compliance/slik-forbereder-norske-smber-seg-pa-nis2.md): Praktiske compliance-steg for det nye EU-direktivet, hva du bør gjøre nå, og hva som kan vente. - [Charlotte AI: Hva betyr agentic SOC for deg?](https://fmcybersecurity.com/insights/strategy/charlotte-ai-hva-betyr-agentic-soc-for-deg.md): Slik endrer CrowdStrike sin agentic SOC økonomien i 24/7-overvåking for SMB-er. - [Fredrik Standahl i Shifter om AI-sikkerhet for startups](https://fmcybersecurity.com/insights/ai-security/fredrik-standahl-i-shifter-om-ai-sikkerhet-for-startups.md): Shifter publiserte en kommentar fra Fredrik Standahl om sikkerhetsfeilene som er vanlige i AI-drevet startup-utvikling. - [Microsoft Patch Tuesday april 2026: hva må fikses først](https://fmcybersecurity.com/insights/exposure/microsoft-patch-tuesday-april-2026.md): April 2026 leverer 163 CVE-er, to zero-days og åtte kritiske. En SharePoint-spoofing utnyttes allerede, og en CVSS 9.8 uautentisert Windows IKE RCE går i samme første runde. - [FM CyberSecurity omtalt i VG Dine Penger](https://fmcybersecurity.com/insights/strategy/fm-cybersecurity-omtalt-i-vg-dine-penger.md): VG Dine Penger intervjuet Fredrik Standahl om å starte cybersikkerhetsselskap i Norge og det glødende arbeidsmarkedet. - [FM CyberSecurity omtalt i Norwegian Cybersecurity Cluster](https://fmcybersecurity.com/insights/strategy/fm-cybersecurity-omtalt-i-norwegian-cybersecurity-cluster.md): Norwegian Cybersecurity Cluster profilerte FM CyberSecurity sine gründere og våre første måneder med å bygge selskapet i Oslo. - [Fra compliance-byrde til konkurransefortrinn](https://fmcybersecurity.com/insights/compliance/fra-compliance-byrde-til-konkurransefortrinn.md): Hvordan ledelser går fra compliance-usikkerhet til dokumentert kontroll, bevis som tåler due diligence fra investor, kunde eller tilsyn. ## Optional - [Our Offices](https://fmcybersecurity.com/en/offices.md): We are headquartered in central Oslo, working across Norway and the Nordics with international clients. - [Våre kontorer](https://fmcybersecurity.com/offices.md): Vi har hovedkontor sentralt i Oslo, og jobber på tvers av Norge og Norden — med internasjonale kunder. - [Life @ FM CyberSecurity](https://fmcybersecurity.com/en/careers.md): Glimpses from the day at Henrik Ibsens gate, from a Pascal coffee to AI-driven SOC. - [Livet @ FM CyberSecurity](https://fmcybersecurity.com/careers.md): Glimt fra hverdagen i Henrik Ibsens gate, fra morgenkaffe på Pascal til AI-drevet SOC. - [Open positions](https://fmcybersecurity.com/en/open-positions.md): Senior cybersecurity roles at FM CyberSecurity in Oslo: security consultants, identity and access (IAM), and sales leadership. - [Ledige stillinger](https://fmcybersecurity.com/open-positions.md): Senior cybersikkerhetsroller hos FM CyberSecurity i Oslo: sikkerhetskonsulenter, identitet og tilgang (IAM) og salgsledelse. - [Press kit](https://fmcybersecurity.com/en/press-kit.md): Logos and press contact for journalists and media production. - [Pressemateriell](https://fmcybersecurity.com/press-kit.md): Logoer og pressekontakt for journalister og medieproduksjon. - [Board of directors](https://fmcybersecurity.com/en/board.md): The board of directors at FM CyberSecurity. - [Styret](https://fmcybersecurity.com/board.md): Styret i FM CyberSecurity. - [FM CyberQualy](https://fmcybersecurity.com/en/sim.md): FM CyberQualy, the office racing-sim leaderboard. The ten fastest race Porsche Caymans at Rudskogen Motorsenter. - [FM CyberQualy](https://fmcybersecurity.com/sim.md): FM CyberQualy, topplisten fra racing-simulatoren på kontoret. De ti raskeste kjører Porsche Cayman på Rudskogen Motorsenter. - [FM Cyber Breakfast with CrowdStrike, FM CyberSecurity](https://fmcybersecurity.com/en/events/fm-cyber-breakfast-crowdstrike-2026-08.md): Live demos from the console: an agentic SOC, reports with Claude, our own SOC-Cockpit, and AI visibility. MESH Youngstorget, 20 August 2026, 08:30 to 10:00. - [FM Cyber Breakfast med CrowdStrike, FM CyberSecurity](https://fmcybersecurity.com/events/fm-cyber-breakfast-crowdstrike-2026-08.md): Live demoer fra konsollen: agentisk SOC, rapporter med Claude, vår egen SOC-Cockpit, og AI-synlighet. MESH Youngstorget, 20. august 2026, 08:30 til 10:00. - [FM Cyber Breakfast with Tenable, FM CyberSecurity](https://fmcybersecurity.com/en/events/fm-cyber-breakfast-tenable-2026-06.md): The headlines from Tenable EXPOSURE 2026 in Boston, served as a breakfast briefing at MESH Youngstorget, 10 June 2026, 08:30 to 10:00. - [FM Cyber Breakfast med Tenable, FM CyberSecurity](https://fmcybersecurity.com/events/fm-cyber-breakfast-tenable-2026-06.md): De viktigste nyhetene fra Tenable EXPOSURE 2026 i Boston, servert som frokostmøte på MESH Youngstorget, 10. juni 2026, 08:30 til 10:00. - [Privacy notice, FM CyberSecurity](https://fmcybersecurity.com/en/privacy.md): How FM CyberSecurity AS processes personal data from visitors, customers and event attendees. Lawful basis, recipients, retention and your rights. - [Personvernerklæring, FM CyberSecurity](https://fmcybersecurity.com/privacy.md): Slik behandler FM CyberSecurity AS personopplysninger fra besøkende, kunder og deltakere på arrangementer. Rettslig grunnlag, mottakere, lagringstid og dine rettigheter. ## Reference - [Sitemap (XML)](https://fmcybersecurity.com/sitemap-index.xml): Full XML sitemap covering both locales. - [Single-document corpus](https://fmcybersecurity.com/llms-full.txt): Every page concatenated into one Markdown file for long-context agents.