SchellmanCON is back! Join us for our virtual conference on March 6 & 7, 2025

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Austin Bentley

Austin Bentley is a Manager with Schellman, based in Kansas City, Missouri. Prior to joining Schellman, Austin worked as a Penetration Tester for a large financial institution, specializing in Application Security and Internal Pentesting. Austin also led and supported various other projects, including security automation and code review.

Blog Feature

Penetration Testing

By: Austin Bentley
November 8th, 2024

Maybe it’s time for your yearly pen test. Or, maybe you’re building up your very own internal pen test team. Navigating this journey can be challenging, but we’re committed to making it easy for you. Fortunately, we bring a wealth of insight from our “other side of the table” perspective. This multipart series will prepare you for concerns on both sides of the table, so you can be certain you’re ready for your next engagement.

Blog Feature

Penetration Testing

By: Austin Bentley
October 4th, 2024

You’ve got a system that needs to be tested, but you’re not really certain about which environment the testing should occur in. Or, maybe you’re feeling uneasy about testing within production. Many have been in your exact same shoes in the past -- below, we’ll help assist you in making this important decision.

Blog Feature

Penetration Testing

By: Austin Bentley
September 20th, 2024

A question we receive frequently during scoping calls is “What tools does your team use during a penetration test?” The answer can depend on the scope, services, and situations we come across during the engagement. Additionally, there is constant industry and threat pressure to stay ahead of the curve. Our toolkit is constantly evolving to reflect the latest threats and techniques, ensuring we can simulate real-world attacks effectively.

Blog Feature

Federal Assessments

By: Austin Bentley
February 22nd, 2024

When FedRAMP issued Revision 5 in May 2023, the changes included a new requirement for a red team exercise in addition to the already-mandated penetration test. Now that Rev 5 is officially being enforced as of 2024, organizations pursuing FedRAMP Authorization must get this new obligation right.

Blog Feature

Cybersecurity Assessments | Penetration Testing

By: Austin Bentley
July 20th, 2023

As cybersecurity practices go, you have a lot of options, with penetration testing being just one of them. However, a penetration test has more value than many may initially recognize—in addition to how they serve your compliance initiatives.

Blog Feature

Penetration Testing

By: Austin Bentley
July 26th, 2022

You know the phrase, “hindsight is 20/20.” It’s a well-trodden lament that can apply to almost everything—a failed job interview, an embarrassing misstep during a conversation, an insistence that the professor won’t include information from his footnotes in the final exam while studying.

Blog Feature

Penetration Testing

By: Austin Bentley
July 12th, 2022

When it comes to cybersecurity, you can never be too careful—especially when it comes to placing your trust in those who help you understand and secure your environment.

Blog Feature

Penetration Testing

By: Austin Bentley
November 2nd, 2021

Make pen testing easier while delivering a better report to your client. For testers in the application security (AppSec) arena, you know that we examine a lot of different areas, including authentication, authorization, encryption, logging, and so on, making for what’s become a staple in this job—the large lists of technical checks that grow even longer every time new issues are discovered and then added for testing. If you’ve worked in AppSec, you know that these tests can make for quite the effort, depending on the complexity of the app you’re working in.

{