By:
Tyler Petersen
April 18th, 2024
When many think of a “penetration test,” the first thing that may spring to mind is cybersecurity. But in fact, you do have the option to conduct a physical penetration test—or, a simulation of a physical attack on your premises.
Penetration Testing | Artificial Intelligence
By:
JOSH TOMKIEL
March 14th, 2024
Did you recently implement a new artificial intelligence (AI) feature within your application and now your customers are starting to ask for AI-specific penetration tests? Are you curious as to how an assessment like that would work? As with all these exercises, it starts with scoping.
By:
Clint Mueller
December 28th, 2023
If you’re a penetration tester, you know that for any test or phishing campaign, you begin with setting up your infrastructure with a domain name and redirectors. You might also know that this step is straightforward, and many have created walkthroughs on different ways to architect and automate infrastructure deployments.
Penetration Testing | Red Team Assessments
By:
JOSH TOMKIEL
November 28th, 2023
If you’ve decided to undergo a red team assessment and engaged Schellman to perform it, you may be wondering what the next steps entail—as in, how will the next stages of the process work and what should you expect?
By:
Loic Duros
October 19th, 2023
When a software production company requests a security assessment of its Continuous Integration (CI) and Continuous Delivery (CD) pipeline, they usually want an evaluation of the strength of its existing security measures and identification of potential security risks associated with the different components involved in storing, updating, building, and deploying their application.
Penetration Testing | Red Team Assessments
By:
JOSH TOMKIEL
September 28th, 2023
Penetration testing and red team assessments are often conflated or confused—though they’re both advantageous cybersecurity solutions, there are distinct differences between them that any organization considering either should know. Just to be clear, a penetration test is not a red team assessment.
Payment Card Assessments | Penetration Testing
By:
Schellman
September 12th, 2023
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to protect cardholder data. One of the key (and almost always applicable) requirements of PCI DSS is that organizations must perform internal and external penetration testing for the entire scoped environment—this not only applies to systems that store, process, or transmit cardholder data, but also those that can impact the security of cardholder data.
Cybersecurity Assessments | Penetration Testing | Red Team Assessments
By:
JOSH TOMKIEL
August 8th, 2023
Red teaming is a proactive approach to cybersecurity, where a group of ethical hackers simulates real-world attacks on an organization's systems to identify vulnerabilities and test its defenses. This process helps organizations improve their security posture by revealing weaknesses before malicious actors can exploit them.