Are you getting a real penetration test and not a fancy automated network security scan from your IT provider?

The Penetration Test Bait and Switch: Are you actually getting a pentest?

People often confuse penetration testing and vulnerability scanning. Both are important at their respective levels, are essential in analyzing cyber-security risk, and are required by standards such as PCI, ISO 27001, and others. Vulnerability scanning checks for known vulnerabilities while penetration testing requires a human element to exploit identified vulnerabilities in your network to report […]


My MSP/IT Provider Was Compromised, Now I am Too

Many organizations choose to hire Managed Service Providers (MSPs) to provision, secure, backup, and manage your servers and desktops, network devices, and other IT infrastructure. Leveraging an MSP usually offers cost savings for organizations but what happens when the MSP is the victim of a cyberattack?  To supply these services, the provider must often have privileged account access and install software on your systems. Most MSPs place their trust in systems […]