Asteros Blog
The No-Nonsense Guide to CPRA Penetration Testing (2026 Edition)
If you are a CTO or CISO dealing with CPRA compliance, you have probably heard two completely opposite takes about CPRA penetration testing….
How to Milk a Pentest for Everything It’s Worth
There are two kinds of penetration tests. The first is a piece of theater. You pay a vendor, they run an automated scanner,…
From Data Breach to Physical Harm: The Rise of “Violence-as-a-Service”
“Violence-as-a-Service” is no longer a plot for a thriller. It’s a documented, growing threat that security leaders must add to their risk models….
Uncovering Supply Chain Risks with Penetration Testing
When you build a modern web application, how much of the code did your team actually write? 50%? 20%? Less? And no, I’m…
What “Shifting Left” Means for Security (And Why We Were Stuck So Far to the Right)
In software, everything moves left to right. On the far left end, you’ve got planning and design, where ideas take shape and blueprints…
Passkeys Are So Hot Right Now (And For Good Reason)
If you’ve checked your inbox lately, you’ve probably seen it: “Passkeys are now live.” HealthEquity. Swan Bitcoin. Google. Apple. Everyone is jumping on…
Case Study: The Emergency System That Needed an Emergency Fix
How a critical flaw in a third-party safety app was uncovered during a routine network penetration test, leading to a full administrative takeover….
Don’t Mistake Process for Competence in Penetration Testing
On a recent call, a prospect asked us, almost apologetically,“Umm… if we have a question about something in the pentest report, can we…
A CTO’s Guide to HITRUST Penetration Testing Requirements
If you’re a technical leader at an organization that handles sensitive health information (ePHI), the phrase “HITRUST certification” likely brings a mix of…
Will a Pentest Get Us Through SOC 2 CC7.1? A Guide for Engineering Leaders
Preparing for a SOC 2 audit can feel like navigating a maze, especially when your team is already sprinting through development cycles. For…