Clock Runs Out for Windows 7 Holdouts: Upgrade or Replace?
After 10 years of fully supporting Windows 7 Microsoft ended its official support for the out-of-date operating system. Consumers who have not upgraded to Windows 10 become part of attack vector.
Read Article
Protecting your Domain with DMARC
It has never been easier to establish an online presence and having your domain is key. When managing DNS records users should stay up to date with regards to safeguarding their domain's reputation.
Read Article
Preparing for an API Penetration Test
Many organizations provide Application Program Interfaces (APIs) to allow their clients and business partners to enter and retrieve data. We primarily see REST based APIs, but also GraphQL and SOAP.
Read Article
Ransomware Attacks Keep Growing
Though ransomware attacks aren’t a recent phenomenon they do seem to be increasing in frequency and intensity. If society has grown used to these kinds of cyberattacks that’s about to change.
Read Article
Artificial Intelligence: A relative reality
To differentiate what is marketing jargon from what CISOs can do with AI-enhanced products, security leaders were interviewed to find out which products embedded with AI deliver on their promises.
Read Article
Verizon Releases 2019 Payment Security Report (PSR)
Verizon has released its 2019 Payment Security Report (PSR). For the first time they have worked with other entities as contributors and Schellman was one of the first five entities who contributed.
Read Article
Transitioning into a Penetration Testing Role
This has been the most rewarding and engaging work and continues to be my dream job, and yet, the transition from full-stack web application developer to penetration tester was daunting.
Read Article
CMMC – the New Protocol Droid for DoD Compliance
US DoD has been working to revise funding procurement procedures DFARS. Most important are regulations which mandate that defense contractors meet NIST SP 800-171 standard that deals with CUI.
Read Article
FedRAMP at a Glance [Infographic]
Schellman has performed a third of FedRAMP assessed systems and is the #2 3PAO provider.
View Infographic
The Most Important Considerations in Building a DevSecOps Pipeline
Security Boulevard reached out to a panel of DevSecOps pros to learn more about key considerations and best practices for building a DevSecOps pipeline.
Read Article
A Spooky Tale of Cybersecurity
When it comes to cybersecurity, it’s the things we don’t know that can be the scariest.
Read Article, If You Dare
The Age of Coordinated Ransomware – What Is It, What Can You Do?
Though ransomware attacks aren’t a recent phenomenon, they seem to be increasing in frequency and intensity. If society has grown used to these kinds of cyberattacks, that’s about to change.
Read Article
A SOC-like Approach to PCI: PCI DSS v4.0
The 2019 PCI North America Community Meeting was held in beautiful Vancouver, British Columbia, Canada. The conference provided takeaways for PCI standards plus sneak peeks info PCI DSS v40.
Read Article
Changes Coming to PCI DSS in Version 4.0
The PCI SSC is preparing to issue a draft version of PCI DSS v4.0. It was apparent early in the presentation that the update to the PCI DSS is going to be the largest change since v3.0 in 2013.
Read Article
Schellman's Danny Manimbo Profiled on This Way to CPA
Schellman Senior Manager Danny Manimbo profiled by This Way to CPA on how earning his CPA opened doors in the accounting field, and shares tips for students taking the CPA exam.
Read Article
Valuable PCI Compliance Tips: Our Response
Security Boulevard recently published a list of valuable PCI DSS compliance tips which Schellman's team of QSAs reviewed and have offered insight and commentary on.
Read Article
Step Up: Take a Walk in the Shoes of Three CPAs
Learn how three young professionals have found success in their careers with the CPA credential.
Read Article
How to Exert Privacy Control Over Your Home Speakers
Three leading smart speaker technology makers have suspended contractor review of consumer recordings following disclosures that the devices are nearly always listening and have captured interactions.
Read Article
The Much Anticipated ISO/IEC 27701:2019
For those that were monitoring the wire, ISO 27001 was released the week of August 5th as an extension of ISO 27001 and 27002.
Read Article
![FedRAMP at a Glance [Infographic]](https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY1MTAwJmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVkYzU4NTExOGU4OTAuanBnJnZlcnNpb249MDAwMCZzaWc9NTBjZGIyZTc2ZGRhNGJkNmE5NjRlMGNlNGYxYTczODA%25253D&size=1&version=1573490829&sig=dfba9f35991551aec00555bac4abfb3d&default=hubs%2Ftilebg-blogs.jpg)
