Why the Internet of Things is a penetration tester’s most valuable asset. As technology moves at a seemingly exponential rate of growth and changes every day, more and more devices [...]
Capital One’s recent data breach is only the latest in the perennial series of high-profile data breaches that have occurred in the last few years. What do Equifax, Home Depot, [...]
From a penetration tester's perspective, there are a few things that quickly indicate an organization's maturity (and the likelihood our team will be able to exploit their environment). If any [...]
Are Pen Test and Vulnerability Scans Required for a SOC 2 Report? There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report. Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and associated Point of Focus, intended to align SOC 2 with the 2013 COSO framework.