Our Blog
Resources and insights
The latest industry news, interviews, technologies, and resources.
PCI DSS 4.0: What’s New and How Your Business Can Stay Compliant
Learn more about the most recent updates to the PCI DSS, how version 4.0 compares to 3.2.1, and what you need to do to be PCI compliant.
Application Security 101: Basics, Best Practices, & Challenges
This article reviews the key concepts and principles of application security, providing an overview for developers, IT professionals, and business leaders.
Getting Started with IoT and Hardware Hacking: Part 3 – Analyzing and Enumerating Firmware
In part three of our intro to hardware hacking series, we learn about firmware analysis and how to hunt for vulnerabilities on IoT devices.
Should I Whitelist A Penetration Tester’s IP?
While working out the details with a client for an upcoming security assessment, whitelisting the penetration tester’s IP addresses always generates additional conversation. It may seem odd because you wouldn’t whitelist your adversaries to bypass a security control,...
Should I Get a “Re-test” With My Penetration Assessment?
Should you get a re-test of your penetration test to determine if the findings were properly remediated? The answer depends on your business. Find out more.
The “Medium Risk” Finding That’s Destroying Your Security Program
Many of our clients perform vulnerability scanning on a regular basis but find that they still don’t perform as well as they’d like on penetration tests. Well, today we’re going to discuss a finding that’s frequently found on networks, that many vulnerability scanners...
Do I Need Permission to Test My Cloud Environment?
As organizations continue to move towards cloud computing technology and services, we get this question often. The good news is it’s become much clearer in recent times as AWS and Microsoft Azure have both relaxed their policies and posted easy to understand...
Why You Should Use Password Filters
Attackers targeting login portals has become commonplace, so much so that many organizations don’t even bother reviewing logs due to the immense number of password spraying campaigns. Adversaries continue this attack path because it’s proved successful. The good news is...
Is “After-Hours” Testing Worth It?
Conducting security testing in the off-hours may be the best option to avoid disruption to business processes. However, we often find that it isn’t necessary.








