Blog

When FedRAMP issued Revision 5 in May 2023, the changes included a new requirement for a red team exercise in addition to the already-mandated penetration test. Now that Rev 5 is officially being enforced as of 2024, organizations pursuing FedRAMP Authorization must get this new obligation right.

As cybersecurity practices go, you have a lot of options, with penetration testing being just one of them. However, a penetration test has more value than many may initially recognize—in addition to how they serve your compliance initiatives.

You know the phrase, “hindsight is 20/20.” It’s a well-trodden lament that can apply to almost everything—a failed job interview, an embarrassing misstep during a conversation, an insistence that the professor won’t include information from his footnotes in the final exam while studying.

When it comes to cybersecurity, you can never be too careful—especially when it comes to placing your trust in those who help you understand and secure your environment.

Make pen testing easier while delivering a better report to your client. For testers in the application security (AppSec) arena, you know that we examine a lot of different areas, including authentication, authorization, encryption, logging, and so on, making for what’s become a staple in this job—the large lists of technical checks that grow even longer every time new issues are discovered and then added for testing. If you’ve worked in AppSec, you know that these tests can make for quite the effort, depending on the complexity of the app you’re working in.