By:
Dan Groner
July 23rd, 2024
Though society has, these days, moved firmly into the digital age where emails, texts, and the online world dominate both communication and cyber-attack vectors, it might not occur to people—or organizations—that some scams are still perpetuated over the phone in what’s called a vishing attack.
By:
Josh Tomkiel
June 27th, 2024
In our experience as cybersecurity experts and highly qualified penetration testers, there are typically three reasons why you may move forward with a penetration test and start looking around for a provider. Making that initial decision to move forward with an assessment like this is a big step, but what should you do after you make it?
By:
Tyler Petersen
April 18th, 2024
When many think of a “penetration test,” the first thing that may spring to mind is cybersecurity. But in fact, you do have the option to conduct a physical penetration test—or, a simulation of a physical attack on your premises.
Penetration Testing | Artificial Intelligence
By:
Josh Tomkiel
March 14th, 2024
Did you recently implement a new artificial intelligence (AI) feature within your application and now your customers are starting to ask for AI-specific penetration tests? Are you curious as to how an assessment like that would work? As with all these exercises, it starts with scoping.
By:
Clint Mueller
December 28th, 2023
If you’re a penetration tester, you know that for any test or phishing campaign, you begin with setting up your infrastructure with a domain name and redirectors. You might also know that this step is straightforward, and many have created walkthroughs on different ways to architect and automate infrastructure deployments.
Penetration Testing | Red Team Assessments
By:
Josh Tomkiel
November 28th, 2023
If you’ve decided to undergo a red team assessment and engaged Schellman to perform it, you may be wondering what the next steps entail—as in, how will the next stages of the process work and what should you expect?
By:
Loic Duros
October 19th, 2023
When a software production company requests a security assessment of its Continuous Integration (CI) and Continuous Delivery (CD) pipeline, they usually want an evaluation of the strength of its existing security measures and identification of potential security risks associated with the different components involved in storing, updating, building, and deploying their application.