Many of our clients are getting penetration tests not only to improve their security posture, but also to use the results to satisfy a client’s requirements or integrate the results into their sales materials. We get asked quite often how other organizations handle communicating penetration testing results, while avoiding divulging sensitive information. Below, we highlight […]
Information security and corporate network defense is tough. In a constantly changing and advancing industry, it can be hard to figure out where to start when you’re trying to build or improve a corporate security program. Standards and benchmarks are not a sexy or exciting topic, but when you need a starting place to figure […]
One of the common questions we get asked is how to effectively communicate penetration testing results to senior leaders, including C-suite executives and the board of directors. Below are some pointers on how to best navigate these often slippery slopes. Communicating Good Results Your penetration test came back and your firm performed exceptionally well, with […]
One of the things we often see during an external penetration test is unnecessary services exposed to the Internet. This will increase the attack surface of your organization, ultimately giving hackers more ways to try to break into your organization. One of the main principles to follow when setting up your perimeter firewall is to […]
