Behind the Firewall ft. Stu Skove

by Morgan Prost / May 21, 2026

What happens if your tools get it wrong? You trust your tools, but what happens when they get it wrong? While reviewing a newer team member’s finding, our Penetration Tester, Stu noticed a scanner had misidentified a vulnerability as Server-Side Template Injection (SSTI). Through manual testing, he discovered it was a Ruby Code Injection, an error that escalated into full remote command execution (RCE) on the server. From a web…

Behind the Firewall ft. Edmundo Delgado Jr.

by Morgan Prost / May 21, 2026

SOC 2 isn’t just about external validation. You may have seen the recent chatter claiming SOC 2 is a waste of time. We hear it too—usually from teams who treated compliance as a checkbox instead of a strategy. In today’s hyper‑competitive, security‑conscious market, customers expect more than features. They expect trust. Our Information Security Auditor, Edmundo Delgado Jr., explains why SOC 2 continues to matter for enterprise buyers: “It does matter because stakeholders notice…

Softdocs Levels-Up Their Compliance Program with StateRAMP Audit from KirkpatrickPrice

by Hannah Grace Holladay / May 6, 2025

Audits are hard, but when you partner with a firm like KirkpatrickPrice, it will be worth it. That's exactly what Softdocs learned when they asked us to be their partner on their newest compliance initiative: become compliant with the NIST 800-53 framework via a StateRAMP audit within one year. Learn exactly how we worked together to make sure this audit journey ended in success. About Softdocs Softdocs provides process automation and…

Top 10 Ways to Prepare for Your SOC 1 Audit

by Tori Thurmond / May 20, 2024

If your customers rely on you to protect consumer information, chances are you may be asked to produce a SOC 1 audit report. A SOC 1 audit reports on the controls at an organization that are relevant to, or may affect, a client’s financial statements. This reporting framework is designed to demonstrate that an organization has proper internal controls and processes in place to address information security and compliance risks.…

An Earth Day Reminder: How to Take Care of Your Security Environment

by Tori Thurmond / April 22, 2024

Happy Earth Day! I hope you get to spend some time outside today to take in mother nature in all of her glory, but while I have you here, I want to discuss a different type of environment: your security environment.   Just as with the environment around us, we have to take care of our organization’s security environment to keep our data healthy, happy, and, most importantly, secure. There’s are…