Blog

  • Schellman’s Associate Penetration Tester Position: What to Expect

    Want to be part of our Pen Test Team? We provide details on the expectations and responsibilities of an Associate Penetration Tester so that you can decide whether this is the right move for you.

  • Using the ONC/OCR SRA Tool in Your HIPAA Risk Analysis

    Searching for a way to simplify your HIPAA risk analysis? The ONC/OCR tool can help--we explain how, as well as how to use it so that you satisfy the HIPAA security rule more easily.

  • How to Transfer an ISO Certificate

    Not sure about transferring your ISO certificate? We detail the requirements for a transfer and several factors you should consider before making this decision so you can be sure this move is for you.

  • The FedRAMP Assessment Process: What Do You Need to Provide?

    Considering FedRAMP but not sure what it'll take to achieve? We break down 3 aspects of what you'll need to provide during the process so that you can assess if you're ready & prepare to move forward.

  • Controls: Automated or Manual - Is One Better?

    Debating implementing manual or automated controls, but not sure which is right? We delve into the pros and cons of each, as well as how to design an internal control no matter what type it is.

  • Are You Ready for Ransomware?

    Are you ready in the event of a cyber attack? Our Ransomware Preparedness Assessment will help evaluate your incident response & preventative techniques to determine if you really are equipped.

  • Adoption Awareness Month: My Story

    In honor of Adoption Awareness Month, Schellman's own Mathieu Legendre recounts how he first met his infant son and offers solidarity to all the prospective parents still on their adoption journeys.

  • Schellman Appoints Chief Product & Technology Officer to Support Digital Transformation

    Schellman has appointed our first CPTO, Roopa Sudheendra, who will lead the expansion of our product development team. Welcome, Roopa!

  • Demonstrating Impact with Cross-Site Scripting: Beyond the Alert Box

    Malicious actors can still leverage XSS payloads to perform CSRF-type attacks to great effect. Learn how this threat works and how you can demonstrate its potential impact during penetration testing.

  • The Benefits of SOC Examinations for Blockchain

    Seeking to better sell your blockchain offering? Learn how obtaining a SOC report can help build trust with markets, further legitimize this technology, and open new doors for your service.

  • ISO 20000-1: An Introduction

    Never heard of ISO 20000-1? Learn what this standard mandates, including its requirements for a service management system (SMS), and why certifying against it could help you.

  • HIPAA vs. HITRUST

    What distinguishes HIPAA from HITRUST? We detail the differences between your compliance with these two and their relationship so you understand which one (or both) to pursue.

  • Election-Related Threats and Defenses

    With Election Day upon us again, here's an overview of voting-related security threats the U.S. faces—some more often mentioned than others—and what defenses we can employ to defend against them.

  • Is There Value in a Compliance Readiness Assessment?

    Some consider readiness assessments a skippable step in compliance, but we lay out how valuable this extra piece can be to your overall compliance goals.

  • Schellman Strengthens Commitment to DEI in the Workplace by Joining "CEO Action for Diversity and Inclusion"

    Schellman continues to strengthen its commitment to DEI through this pledge by CEO Avani Desai. Read more about how this latest move furthers the firm's initiatives to create an inclusive workplace.

  • Cyberthreats You Need to Know (and What to Do About Them)

    National Cybersecurity Awareness Month has now come to a close. Today, on Halloween, we present 3 cyber threats you should be aware of year-round and resources for protecting yourself against them.

  • How to Use Entropy in Penetration Testing

    Need a real way to bypass antivirus/endpoint detection (AV/EDRs)? We explored entropy, and here we lay out how you too can use it to help in bypassing security tools during testing.

  • Understanding and Defining Your SOC 1 Control Objectives

    Designing your SOC 1 control objectives is a critical part of your assessment. We provide starting points, criteria, and examples to help you simplify this important process.

  • ISO/IEC 27001:2022 Has Been Published: What Now?

    ISO 27001:2022 is now published. Find out 4 things you need to know about this significant update and what it means for your potential or current ISO 27001 certification.

  • HITRUST: The Effect of TEFCA

    The emerging TEFCA will change how things work regarding data shared within health information exchanges. Learn about these changes and whether or not they'll mean you need a HITRUST certification.
