Critical security control failure. It's a whole lot of words. What does this mean? How does this apply to your organization? Well, we here at Schellman are well aware of these requirements. Stay tuned.

So you're interested in having a penetration test performed and you're wondering, is one enough for five years? Do I have to do it weekly or monthly? In this video, we'll talk about how frequently you should have a test performed.

You're a cloud service provider and you want to do work for the federal government. In order to do that though, you need to be FedRAMP authorized and you've been told by the government agency that you're trying to sell to that, you need to be FedRAMP authorized. In this short video, we're going to walk you through what the process is, what the journey is to get to the point where you have that authorization, you've been approved, and you can go and sell work to your federal agency customers.

Setting the scope correctly is the number one thing you need to worry about when you're starting the process of choosing a pen test provider. Why does everyone harp on scoping with timing and pricing?? Hi, I'm Josh Tomkiel, I'm a senior manager here at Schellman on the pen test team. I've been in the industry for over 10 years, started off as a penetration tester working on web applications and internal and external networks. And now I'm on the manager side overseeing projects. So you've decided you're going to have a penetration test performed, you're going out talking to vendors, getting estimates. But the first thing that everybody asks you: "what's the scope? What's the scope?" Why is it so important? It's important because the scope dictates:

So you've decided that you're going to have a penetration test performed and you want to know how long it's going to take. Awesome! I'm sure you want that report in your hand right away. This video is going to cover some of the tips you need to know about that could impact the timing of a penetration test.

Jumpstart your IT audit career with Schellman.

Like most organizations today, you've probably noticed an increase in privacy questionnaires in addition to the already existing security questionnaires from your customers. This is likely driven by the General Data Protection Regulation of 2016, otherwise known as the GDPR, and your organization is probably trying to figure out what the next best step is for you to take. In this video, we'll walk through some of our offerings related to GDPR as well as the pricing, scoping, and cost structure involved there.

So you're curious about penetration testing? What is it? Do you really need it? Sure, it's useful for compliance, but is that all?

If you are a vendor or a supplier of Microsoft and have been asked to go through their supplier security and privacy assurance program, you may be wondering how much this assessment costs. In this video, we will break down the price range of the assessment cost and the factors that could influence the price.