Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
AI Services
AI Services
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Josh Tomkiel

Josh Tomkiel is a Managing Director on Schellman’s Penetration Testing Team based in the Greater Philadelphia area with over a decade of experience within the Information Security field. He has a deep background in all facets of penetration testing and works closely with all of Schellman's service lines to ensure that any penetration testing requirements are met. Having been a penetration tester himself, he knows what it takes to have a successful assessment. Additionally, Josh understands the importance of a positive client experience and takes great care to ensure that expectations are not only met but exceeded.

Blog Feature

Penetration Testing | Artificial Intelligence

By: Josh Tomkiel
March 14th, 2024

Did you recently implement a new artificial intelligence (AI) feature within your application and now your customers are starting to ask for AI-specific penetration tests? Are you curious as to how an assessment like that would work? As with all these exercises, it starts with scoping.

Blog Feature

Penetration Testing | Red Team Assessments

By: Josh Tomkiel
November 28th, 2023

If you’ve decided to undergo a red team assessment and engaged Schellman to perform it, you may be wondering what the next steps entail—as in, how will the next stages of the process work and what should you expect?

Blog Feature

Penetration Testing | Red Team Assessments

By: Josh Tomkiel
September 28th, 2023

Penetration testing and red team assessments are often conflated or confused—though they’re both advantageous cybersecurity solutions, there are distinct differences between them that any organization considering either should know. Just to be clear, a penetration test is not a red team assessment.

Blog Feature

Cybersecurity Assessments | Penetration Testing | Red Team Assessments

By: Josh Tomkiel
August 8th, 2023

Red teaming is a proactive approach to cybersecurity, where a group of ethical hackers simulates real-world attacks on an organization's systems to identify vulnerabilities and test its defenses. This process helps organizations improve their security posture by revealing weaknesses before malicious actors can exploit them.

Blog Feature

Penetration Testing | SchellmanLife

By: Josh Tomkiel
December 21st, 2022

There’s a Latin proverb that says, “if the wind will not serve, take to the oars.” If you’ve ever hunted for a (new) job, you likely can relate. Of course, every workplace has its idiosyncrasies, but you need to find the “wind” that serves you best.

Blog Feature

Penetration Testing | SchellmanLife

By: Josh Tomkiel
December 6th, 2022

When you’re applying for a new job, you have your reasons—whether it’s to find a new challenge or to escape a toxic workplace, you want to trust that somewhere else will be better for you and your career. But when you’re sending off applications, it’s hard to know what you might be getting yourself into—most times, you won’t know until you’ve signed your new employment contract and are in (a new set) of weeds.

Blog Feature

Cybersecurity Assessments

By: Josh Tomkiel
October 31st, 2022

Did you know that we’ve just come to the end of National Cybersecurity Awareness Month?

Blog Feature

Penetration Testing

By: Josh Tomkiel
September 13th, 2022

So, you’re investing in cybersecurity and are having a web application penetration test performed. No matter your reasons for doing so—whether you’re satisfying compliance requirements, a customer request, internally assessing your flagship service offering or confirming security policies—this is a great step towards strengthening your defenses.

{