Penetration Testing
-
Read ArticleThe Intricacies in Pen Test Timing
Schellman Principal, Matt Wilgus addresses one of the biggest challenges frequently seen in planning penetration tests—timing
-
Read ArticleOSEP and PEN-300 Course Review
For those interested in OSEP certification, Schellman Penetration Tester, Wes Dorman provides an overview of the recently released PEN-300 course Overview Offensive Security has released se
-
Read ArticleSchellman Now a PCI ASV
Schellman expands services and becomes Payment Card Industry (PCI) Approved Scanning Vendor (ASV)
-
Read ArticleDeterring Attackers with Low Effort in Active Directory
Schellman Penetration Tester Wes Dorman shares techniques for slowing down an adversary's attacks with active directory hardening
-
Read ArticleCSO and Pen Tester: A Perspective From Both Sides
Schellman's John Bullinger shares his experiences and best practices for conducting penetration testing from both sides of the coin: as that of a CSO and as a penetration tester.
-
Read ArticlePort Scanning: Slow is Smooth and Smooth is Fast
For any penetration testing engagement, internet-facing services are an important part, and there are multiple ways to obtain information before determining if they are vulnerable to exploitation.
-
Read Article5 Common Pitfalls when Pursuing FedRAMP Authorization
What are the common reasons CSPs fail to achieve a FedRAMP Authority to Operate ATO in a timely manner?
-
Read ArticlePreparing for an API Penetration Test
Many organizations provide Application Program Interfaces (APIs) to allow their clients and business partners to enter and retrieve data. We primarily see REST based APIs, but also GraphQL and SOAP.
-
Read ArticleTransitioning into a Penetration Testing Role
This has been the most rewarding and engaging work and continues to be my dream job, and yet, the transition from full-stack web application developer to penetration tester was daunting.
-
Read Article, If You DareA Spooky Tale of Cybersecurity
When it comes to cybersecurity, it’s the things we don’t know that can be the scariest.
-
39:44Watch VideoCloud Apps - Penetration Testing for Providers and Customers
Please, join Matt Wilgus and Josh Tomkiel from Schellman's Threat and Vulnerability Assessment team, as they cover the ins and outs of performing a penetration test of cloud based services.
-
Read ArticleEC-Council Brings A New Range Of Real World Challenges
EC-Council brings a new range of real world challenges that will not only test your Pen-testing skills but guarantees you an experience that is not built for the weak hearted.
-
Read ArticleClarifying the FedRAMP Penetration Test Requirements
As a Third Party Assessment Organization (3PAO), Schellman regularly conducts FedRAMP assessments for Cloud Service Providers (CSPs). Included during these assessments is a penetration...
-
Read FlipbookPenetration Testing
-
Read Flipbook
Penetration Testing
The Why, How & Top Benefits
-
Read Flipbook
Penetration Testing
-
Read ArticleBest Practices When Implementing Web Application Scanning into an SDLC
Web application scanning, a type of dynamic application security testing (DAST), is an important component for organizations looking to provide a secure online offering to their clients.
-
Read ArticlePhishing: Season is Open All Year Long
Employees are one of the weakest links in any business’ security defenses, especially if there is a lack of awareness about criminal attacks that are designed to obtain sensitive...
-
Read ArticleDon’t Forget Your Internal Pen Tests
Many of the requests that we receive are limited in scope to Internet facing assets. A true understanding of the threats facing your networks requires a complete evaluation of all...
-
Read Article5 Questions with Community Speaker - Jacob Ansari
Originally published at blog.pcisecuritystandards.org In this post, we get insights from Jacob Ansari, Manager at Schellman & Company, LLC He will present“Hunting Paper Tigers: A...
-
Loading More...
