-
What Does a Penetration Test Cost? Scope Factors That Matter
Wondering what a pen test costs? Your scope will play a huge part in price. We detail different kinds of pen tests and the scoping factors that will affect your final number.
-
The Intricacies in Pen Test Timing
Schellman Principal Matt Wilgus addresses one of the biggest challenges frequently seen in planning penetration tests: timing.
-
Schellman is Now a PCI ASV
Schellman expands services and becomes Payment Card Industry (PCI) Approved Scanning Vendor (ASV)
-
Enhanced PAM Serves Up Cloud Security
Schellman principal and threat & vulnerability assessment lead Matt Wilgus comments on how authentication and cloud security standards have changed with the increase of remote workers due to COVID-19
-
What I Learned at Career Day
Talking with 4th graders on security testing, online safety, and job skills for infosec.
-
How To Patch Your Open Source Software Vulnerabilities
It's up to enterprises to quickly deploy patches to secure software before hackers get in.
-
11 Red Flags to Watch For When Hiring
In the battle for top tech talent, the wrong hire can be devastating. So do your tech team the favor of watching out for these warning signs before offering the job. It’s a hiring...
-
Every CPA Firm Needs to be a Security Company
In 2018, the year of artificial intelligence, internet of things, blockchain, and big data, it is safe to say more and more companies are emerging to be technology companies. In the...
-
The 14 Soft Skills Every IT Pro Needs
Hiring managers and recruiters bemoan a soft skills gap in IT, and recent data backs up
-
The Dangers in Perpetuating a Culture of Risk Acceptance
This article details the prevalence of risk acceptance within organizations, why IT security departments may be putting too much confidence in their controls, and how excessive...
-
FedRAMP: Three Stages of Vulnerability Scanning and their Pitfalls
Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate...
-
Best Practices When Implementing Web Application Scanning into an SDLC
Web application scanning, a type of dynamic application security testing (DAST), is an important component for organizations looking to provide a secure online offering to their clients.
-
How can we keep voter data safe?
Originally published on www.iapp.org
-
Database Security and FedRAMP
Many cloud service providers (CSPs) are not fully addressing the database scanning requirements for FedRAMP and have questions related to database security and FedRAMP. This article details the...
-
The Panama Papers, Mossack Fonseca and the Writing on the Wall
The release of details contained in the Panama Papers will be one of the biggest news stories of the year. The number of high-profile individuals implicated will continue to grow as teams comb...
-
Prepping for FedRAMP – 5 Things CSPs to Note
Originally published on www.fedrampfastforward.com. BrightLine works with many cloud service providers (CSPs) which have built successful business by providing services to the private sector. With...
-
3 Ways Your IT Company Can Establish Trust
Technology advancements move at a blistering pace and the integration of new development languages, frameworks, databases and the like is also quickening. Some new technologies become the...
-
FedRAMP and PCI – A Comparison of Scanning and Penetration Testing Requirements
Overview: In the last 30 days, the FedRAMP Program Management Office (PMO) has published guidance for both vulnerability scanning and penetration testing. The updated guidance comes on the heels...
-
Frequency of Vulnerability Scans for PCI DSS
Q: We are a SaaS provider that follows a Scrum methodology, generally with two-week sprints. We do not handle cardholder data, but several clients are requiring vulnerability scans to show...