Your Tabletop Exercise Is Boring and That Is Why It Is Not Working
Somewhere in corporate America right now, a security leader is running a tabletop exercise. The scenario came from a template. The participants are…
Penetration Testing for EdTech Vendors: What FERPA Actually Expects
Selling a SaaS platform into K-12 districts or higher education means eventually landing on someone’s vendor security questionnaire. And increasingly, somewhere in that…
What to Expect from a Real PCI Penetration Test
If you’re preparing for a PCI-DSS assessment, you already know penetration testing is part of the deal. But not all pentests are created…
Do I Need a Penetration Test for SOC 2?
If you’re gearing up for a SOC 2 audit, you’ve probably heard a lot of conflicting advice about whether you need a penetration test. Some consultants will tell you it’s mandatory. Others will say you can skip it. The truth — like most things in security — is a little more nuanced.
