A lot of companies, from small businesses to Fortune 500s, have to deal with the Payment Card Industry Data Security Standard (PCI DSS). Depending on your size and business processes, a lot of your work with PCI could simply be verifying that third-party service providers maintain PCI compliance. But we’ve seen that even something so […]
We often get asked what is the easiest way to prepare in order to improve the results of your penetration test. Whether it be to ensure your regulatory compliance, provide a clean penetration test report to a potential customer, or just to better your overall security posture, having a penetration test with fewer critical findings […]
Compliance with the Payment Card Industry Data Security Standard (PCI DSS) can be a daunting task for many organizations. Understanding what’s expected of you can be hard enough, but then deciding on a strategic path forward to reaching a state of compliance and maintaining that posture can be incredibly complex. If you don’t do it right, […]
One of the key differences we’ve seen between penetration testing quotes is the inclusion of a re-test. A re-test of discovered findings is one of those things in the security consulting industry that seems to have become a topic of fierce debate, as many organizations are trying to leverage it as a differentiator. Getting discovered […]
The phrase “partnering with you” is such a simple phrase, but it can have many different meanings. We do not view a partnership as providing someone with an 800 number or a line that goes to a corporate tree. We do not believe a partnership has an expiration date that corresponds with the last day […]
It can often be hard to know what makes someone qualified to perform penetration testing. There’s no such thing as a “licensed penetration tester” in the terms of an international, federal, or state approval, like a lawyer or medical professional. And if you’re not in the security industry, it can extremely difficult to decipher “acronym […]
