Matt Wilgus

Matt Wilgus is a Principal at Schellman & Company, Inc. Matt leads the Security Testing and Assessment offerings. In this role he heads the delivery of Schellman’s penetration testing services related to 3PAO and PCI assessments, as well as other regulatory and compliance programs. Matt has over 20 years’ experience in information security, with a focus on identifying, exploiting and remediating vulnerabilities, in addition to extensive experience enhancing client security programs while effectively meeting compliance requirements.

  • 11 Red Flags to Watch For When Hiring

    In the battle for top tech talent, the wrong hire can be devastating. So do your tech team the favor of watching out for these warning signs before offering the job. It’s a hiring...

  • Every CPA Firm Needs to be a Security Company

    In 2018, the year of artificial intelligence, internet of things, blockchain, and big data, it is safe to say more and more companies are emerging to be technology companies. In the...

  • The 14 Soft Skills Every IT Pro Needs

    Hiring managers and recruiters bemoan a soft skills gap in IT, and recent data backs up

  • The Dangers in Perpetuating a Culture of Risk Acceptance

    This article details the prevalence of risk acceptance within organizations, why IT security departments may be putting too much confidence in their controls, and how excessive...

  • FedRAMP: Three Stages of Vulnerability Scanning and their Pitfalls

    Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate...

  • Best Practices When Implementing Web Application Scanning into an SDLC

    Web application scanning, a type of dynamic application security testing (DAST), is an important component for organizations looking to provide a secure online offering to their clients.

  • How can we keep voter data safe?

    Originally published on www.iapp.org

  • Database Security and FedRAMP

    Many cloud service providers (CSPs) are not fully addressing the database scanning requirements for FedRAMP and have questions related to database security and FedRAMP.  This article details the...

  • The Panama Papers, Mossack Fonseca and the Writing on the Wall

    The release of details contained in the Panama Papers will be one of the biggest news stories of the year.  The number of high-profile individuals implicated will continue to grow as teams comb...

  • Prepping for FedRAMP – 5 Things CSPs to Note

    Originally published on www.fedrampfastforward.com. BrightLine works with many cloud service providers (CSPs) that have built successful businesses by providing services to the private sector. With...

  • 3 Ways Your IT Company Can Establish Trust

    Technology advancements move at a blistering pace and the integration of new development languages, frameworks, databases and the like is also quickening. Some new technologies become the...

  • FedRAMP and PCI – A Comparison of Scanning and Penetration Testing Requirements

    Overview: In the last 30 days, the FedRAMP Program Management Office (PMO) has published guidance for both vulnerability scanning and penetration testing. The updated guidance comes on the heels...

  • Frequency of Vulnerability Scans for PCI DSS

    Q: We are a SaaS provider that follows a Scrum methodology, generally with two-week sprints. We do not handle cardholder data, but several clients are requiring vulnerability scans to show...
