What is Continuous Penetration Testing?

by Sarah Harvey / December 15, 2022

Why Do You Need Continuous Penetration Testing? Applications change. Systems change. Networks change. Employees change. Hackers change. What happens when you connect a new API, add in a new server, or alter your environment in any way? A web application that was stable yesterday may not be with the next update. So, why wouldn’t you engage in continuous penetration testing? A standard penetration test is a snapshot of your security…

5 Ways to Prepare for Your Onsite Visit

by Sarah Harvey / June 13, 2023

At KirkpatrickPrice, we’re committed to helping our clients get the most out of their information security engagements with us. That’s why we insist that our audits include an onsite visit. It's part of performing our due diligence and testing. So, what happens during an onsite visit? How can organizations calm their nerves and prepare for an onsite visit? What Happens During an Onsite Visit? Once an organization has completed about 80%…

Can an Auditor Withdraw from an Audit?

by Joseph Kirkpatrick / June 15, 2023

When you choose an audit firm to start the audit process, you’re choosing a partner. You want an auditor who is highly experienced, can communicate well, and knows how to support your organization on its compliance journey. Once you find an audit firm that meets your expectations, your organization will need to continue building a good relationship with your auditor throughout the audit process. It doesn’t stop at signing a…

What is IoT Penetration Testing?

by Sarah Harvey / December 15, 2022

The technology that consumers use every day is becoming smarter and smarter – locks, mirrors, cars, refrigerators, speakers, watches, thermostats, printers, security cameras. Internet of things (IoT) technology is making daily tasks easier, but how secure is this technology? It’s your job as the developer of IoT technology to make sure that the information transmitted through these devices is secure so that the consumer doesn’t have to worry. IoT devices…

What is the Difference Between Phishing and Spear-Phishing?

by Sarah Harvey / June 14, 2023

Imagine this...Your employee, Kevin, sits down at the office and opens his email inbox. The first message is from the CEO of your company, Chris, with the subject line “Priority Task” The email seems urgent. He opens it quickly and reads his task. Because Kevin wants to quickly complete this task for his employer, he rushes to reply. He follows the instructions he receives in a follow-up email, which leads…