866.254.0000
Contact Us
Services
Services
View All Services
SOC & Attestations
SOC & Attestations
SOC 1 / SSAE 18 Examination
SOC 2 Examination
SOC 3 Examination
SOC for Supply Chain
SOC for Cybersecurity
SOC Essentials for Early-Stage Companies
C5 Attestation
CSA STAR Programs
Payment Card Assessments
Payment Card Assessments
PCI DSS Validation
PCI SSF
PCI P2PE Validation
PCI PIN Assessments
PCI 3DS Compliance
ISO Certifications
ISO Certifications
ISO 27001
ISO 42001
ISO 27701
ISO 9001
ISO 22301
ISO-20000-1
Privacy Assessments
Privacy Assessments
APEC Certification
GDPR Assessment
International Privacy Assessments
US State Privacy Assessments
Microsoft SSPA/DPR Assessment
Privacy Program Assessment
FERPA Assessment
EU Cloud Code of Conduct
Federal Assessments
Federal Assessments
FedRAMP®
CMMC / NIST SP 800-171
FISMA/NIST
ITAR
CJIS
IRAP
FTC Consent Decrees
DoD IL6
Healthcare Assessments
Healthcare Assessments
HITRUST Certification
HIPAA Compliance
HIPAA Express
EPCS-DEA Audits
Health Data Host (HDS) Certification
Penetration Testing
Penetration Testing
Application
Network
Mobile
Red Teaming
Social Engineering
Cloud
Physical
Hardware and IoT
Advanced Series
Cybersecurity Assessments
Cybersecurity Assessments
Cloud Configuration Assessments
Ransomware Assessments
NIST Cybersecurity Framework Assessments
Schellman Software Security Assessment (S3A)
TISAX®
SWIFT Customer Security Programme
Internal Audit Co-Sourcing
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
Learning Center
Our Technology
About Us
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships
ISO Certificate Directory
Contact Us

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Cybersecurity Assessments | Penetration Testing

8 Things to Provide Your Testers Ahead of an API Penetration Test

By: Rene Guerra
October 4th, 2022

If you’re running a business online, you’re likely providing an application program interface (API) on your website that allows your customers or business partners to enter and retrieve data. At Schellman, we primarily see REST-based APIs, but we’ve also tested GraphQL and occasionally SOAP.

Read More
Blog Feature

Cybersecurity Assessments | Penetration Testing

How to Prepare for Your Internal Network Pen Test

By: Josh Tomkiel
August 4th, 2022

Famous detectives throughout history have always been thrown into cases. That’s the nature of their job—the situation to create the case occurred, and it’s up to Sherlock Holmes to follow a trail of clues to determine the solution. When you perform an internal network pen test, the nature of the work is similar, but there are a few things you can do to help these cyber “detectives” maximize your knowledge gained and action items moving forward. Schellman’s Pen Test Team is experienced, and we often get asked to perform this specific type of evaluation. Having gone into these sorts of engagements many times before, we want to share some helpful insight specific to this kind of test.

Read More
Blog Feature

Cybersecurity Assessments

3 Questions to Ask Your Single-Provider Cybersecurity Firm

By: JORDAN HICKS
June 8th, 2022

If you remember Larry King, you might know that during his time at CNN he became a legendary interviewer, having spoken with politicians, celebrities, athletes, and royalty all during his tenure.

Read More
Blog Feature

Cybersecurity Assessments

Why You Should Care About Pipedream - A Specialized Malware Threat

By: Schellman
June 1st, 2022

In the hit song, Sweet Dreams (Are Made of This), Eurythmics produced a bop that encourages everyone to stay optimistic and to keep working towards their goals.

Read More
Blog Feature

Cybersecurity Assessments | Cloud Computing

What Is C5 Attestation?

By: KRISTEN WILBUR
May 11th, 2022

It was once remarked that “there are no rules of architecture for a castle in the clouds.”

Read More
Blog Feature

Cybersecurity Assessments

Are Passwords Still Secure? A Look at Other Alternatives

By: Schellman
April 20th, 2022

FIDO Says Look to Authentication Alternatives. Stop me if you’ve heard this before:

Read More
Blog Feature

Cybersecurity Assessments

Do You Need a Ransomware Preparedness Assessment?

By: BRYAN HARPER
March 29th, 2022

A while ago, we posed this question, “Do You Need a Ransomware Preparedness Assessment?”

Read More
Blog Feature

Cybersecurity Assessments

The Latest on Mandatory Reporting of Data Security Incidents

By: Schellman
March 17th, 2022

What’s the Latest with the U.S. Mandatory Reporting Rules?

Read More
{

Previous All posts Next

4010 W Boy Scout Boulevard
Suite 600
Tampa, FL 33607

U.S. 1.866.254.0000

Outside the U.S.
1.813.288.8833

Resources
Company
Stay Up-to-Date

Sign up to receive Schellman's Weekly Read delivered every Friday morning.

© SchellmanPrivacy PolicyTerms of Use

“Schellman” is the brand name under which Schellman & Company, LLC and Schellman Compliance, LLC provide professional services. Schellman & Company, LLC and Schellman Compliance, LLC practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations and professional standards. Schellman & Company, LLC is a licensed certified public accounting firm (Florida license number AD62941) registered with the Public Company Accounting Oversight Board (PCAOB) that provides attest services to its clients, and Schellman Compliance, LLC provides nonattest cybersecurity and compliance professional services to its clients. Schellman Compliance, LLC is not a licensed CPA firm. Schellman & Company, LLC and Schellman Compliance, LLC are independently owned and are not liable for the services provided by any other entity providing services under the Schellman brand. Our use of the terms “our firm” and “we” and “us” and terms of similar import, denote the alternative practice structure conducted by Schellman & Company, LLC and Schellman Compliance, LLC.