One of the primary questions we get when it comes to web application penetration testing (including mobile applications and APIs) is about what methodology we use. Of course it’s natural for people to wonder how we’re going to go about testing their assets, and somewhat surprisingly, it can be hard to get this kind of […]
About 95% of the time, penetration tests are completed without any issues occurring. An experienced penetration tester will have conducted hundreds of assessments on a myriad of networks, and will know the common pitfalls to avoid. A skilled tester will work diligently to evaluate the risk to your network, while protecting your systems and keeping […]
Knowing the difference between a penetration test and vulnerability scan is critical to optimizing your resources and making sure you are taking the necessary steps to reach compliance, secure your network, and determine your level of risk. Penetration tests are far more expensive and may be more than you need, while vulnerability scans, while cheap, […]
DFARS compliance can be an intimidating goal for an organization. Figuring out where to start, what is required, and how much it’s going to cost to assess DFARS compliance are just a few of the things that companies are trying to understand. We’ve explored the Defense Federal Acquisition Regulation Supplement (DFARS) in another post already, […]
A lot of times in security, there are differences in understanding between clients and service providers. Miscommunications often relate to the terms being used and sometimes, it’s unclear what services are even being offered. This problem is exacerbated now that we are in a time where the field of “information security” or “cybersecurity” is relatively […]
We often get asked what our penetration test reports look like, so we thought we would add a quick video going over a sample report to help address these questions. In the video below we go over our standard deliverable set, which includes our executive summary and technical findings report. Executive Summary The intended audience […]
The difference between a password and passphrase is simply a terminology change. A password is typically around 8 characters long and meets necessary complexity requirements. For example Panthers1! A passphrase, by contrast, is making your password into a sentence, including spaces and punctuation as necessary. An example of a passphrase is “I love the Carolina Panthers!” […]
Today, we would like to review many frequently asked questions regarding the DFARS compliance requirements and how they apply to your company. We have received questions ranging from “What is DFARS?” to “How does it affect me?” to “When do I have to be compliant?” Let’s try and answer some of those initial questions and […]
