-
Read ArticleThe Intricacies in Pen Test Timing
Schellman Principal, Matt Wilgus addresses one of the biggest challenges frequently seen in planning penetration tests—timing
-
Read ArticleSchellman Now a PCI ASV
Schellman expands services and becomes Payment Card Industry (PCI) Approved Scanning Vendor (ASV)
-
Read ArticleEnhanced PAM Serves Up Cloud Security
Schellman principal and threat & vulnerability assessment lead Matt Wilgus comments on how authentication and cloud security standards have changed with the increase of remote workers due to COVID-19
-
Read ArticleWhat I Learned at Career Day
Talking with 4th graders on security testing, online safety, and job skills for infosec.
-
Read ArticleHow To Patch Your Open Source Software Vulnerabilities
It's up to enterprises to quickly deploy patches to secure software before hackers get in.
-
Read Article11 Red Flags to Watch For When Hiring
In the battle for top tech talent, the wrong hire can be devastating. So do your tech team the favor of watching out for these warning signs before offering the job. It’s a hiring...
-
Read ArticleEvery CPA Firm Needs to be a Security Company
In 2018, the year of artificial intelligence, internet of things, blockchain, and big data, it is safe to say more and more companies are emerging to be technology companies. In the...
-
Read ArticleThe 14 Soft Skills Every IT Pro Needs
Hiring managers and recruiters bemoan a soft skills gap in IT Hiring managers and recruiters bemoan a soft skills gap in IT, and recent data backs up
-
Read ArticleThe Dangers in Perpetuating a Culture of Risk Acceptance
This article details the prevalence of risk acceptance within organizations, why IT security departments may be putting too much confidence in their controls, and how excessive...
-
Read ArticleFedRAMP: Three Stages of Vulnerability Scanning and their Pitfalls
Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate...
-
Read ArticleBest Practices When Implementing Web Application Scanning into an SDLC
Web application scanning, a type of dynamic application security testing (DAST), is an important component for organizations looking to provide a secure online offering to their clients.
-
Read ArticleHow can we keep voter data safe?
Originally published on www.iapp.org
-
Read ArticleDatabase Security and FedRAMP
Many cloud service providers (CSPs) are not fully addressing the database scanning requirements for FedRAMP and have questions related to database security and FedRAMP. This article details the...
-
Read ArticleThe Panama Papers, Mossack Fonseca and the Writing on the Wall
The release of details contained in the Panama Papers will be one of the biggest news stories of the year. The number of high-profile individuals implicated will continue to grow as teams comb...
-
Read ArticlePrepping for FedRAMP – 5 Things CSPs to Note
Originally published on www.fedrampfastforward.com BrightLine works with many cloud service providers (CSPs) which have built successful business by providing services to the private sector. With...
-
Read Article3 Ways Your IT Company Can Establish Trust
Technology advancements move at a blistering pace and the integration of new development languages, frameworks, databases and the like is also quickening. Some new technologies become the...
-
Read ArticleFedRAMP and PCI – A Comparison of Scanning and Penetration Testing Requirements
Overview In the last 30 days, the FedRAMP Program Management Office (PMO) has published guidance for both vulnerability scanning and penetration testing. The updated guidance comes on the heels...
-
Read ArticleFrequency of Vulnerability Scans for PCI DSS
Q: We are a SaaS provider that follows a Scrum methodology, generally with two-week sprints. We do not handle cardholder data, but several clients are requiring vulnerability scans to show...
-
Loading More...
Learning Center
Stay up to date and discover new insights into compliance through our team’s thought leadership
