• Social Menu
  • Social Menu
  • Social Menu
  • Social Menu
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001 Resources
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001 : Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • CMMC Marketplace FAQs
      • SSP for CMMC
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Our Stance on Inclusivity
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
  • 1-888-PIVOT-POINT
    1-888-748-6876
  • info@pivotpointsecurity.com
  • 1-888-PIVOT-POINT | 1-888-748-6876
  • info@pivotpointsecurity.com
Pivot Point Security
PPS ISO 27001 Logo RPO Logo
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
      • Cloud Controls Matrix
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • NIST SP 800-218
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • GLBA
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001: Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Assessment Checklist
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • SSP for CMMC
      • CMMC Marketplace FAQs
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Inclusivity: Our Stance & Actions
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
Access The Latest Episodes from The Virtual CISO Podcast

It’s Hard to Spell Security with API (Translation: You Need an AppSec Strategy)

by John Verry | Mar 3, 2022 | Ethical Hacking

Reading Time: 3 minutes         The rapid growth of APIs has led to significant security risks. Unless you have been marooned on an uncharted coral atoll for the last five years, you realize that the term application programming...

White Hat Hackers Are Confident They Can Crack Your Security 

by Richard Barrus | May 16, 2017 | Ethical Hacking

Reading Time: 2 minutes One would think that most CISOs and IT security teams are at least cautiously optimistic about their ability to respond to cyber threats. But if the opinions of professional “white hat” hackers are any indication, the reality is that...

The Internet of Things: Basic Security Implications You Definitely Need To Be Aware Of

by Richard Barrus | Oct 18, 2016 | Ethical Hacking, Penetration Testing

Reading Time: 2 minutes Define: Internet of Things (IoT) The internet of things (IoT) is the internetworking of physical devices, vehicles, buildings, and other items; embedded with electronics, software, sensors, actuators, and network connectivity that...

Mobile Application Penetration Testing, Part 4

by Richard Barrus | Jun 21, 2016 | Ethical Hacking, Penetration Testing

Reading Time: 3 minutes In Part 1 of this post, I provided an overview of mobile app attack vectors and penetration testing approaches. In Part 2, I covered tools, techniques and issues related to the two types of mobile applications: browser-based and...

If it’s such a critical vulnerability, why can’t you get in?

by Mike Gargiullo | Jun 14, 2016 | Ethical Hacking, Penetration Testing

Reading Time: 3 minutes About 2 weeks ago I had an in-depth conversation with a client after performing a low-intensity penetration test. We offer a low-cost penetration test option that we call a “Validate” level engagement. Basically, a Validate level...

Mobile Application Penetration Testing, Part 3

by Richard Barrus | Jun 1, 2016 | Ethical Hacking, Penetration Testing

Reading Time: 5 minutes In Part 1 of this post, I provided an overview of mobile app attack vectors and penetration testing approaches. In Part 2, I covered tools, techniques, and issues related to the two types of mobile applications: browser-based and...
« Older Entries
RSS RSS Feed

Free Downloads

  • ISO 27001 Roadmap
  • ISO 27001 Cost Guide
  • vCISO Roadmap
  • View All »

Filter Articles By Tags

Application Security application security testing CCPA cloud security CMMC CMMC Compliance compliance cyber attacks cybersecurity cyber security Data Breach data privacy GDPR Government hackers incident response information security infosec InfoSec strategies IoT IoT Security ISMS ISO 27001 ISO 27001 audit ISO 27002 ISO 27701 Malware NIST NIST 800-171 OWASP OWASP ASVS Penetration Test Phishing ransomware regulation Risk Assessment Risk Management security awareness education security awareness training SIEM SOC 2 tprm vCISO Vendor Risk Management vulnerability management

Blog Categories

  • ISO 27001 Certification
  • ISMS Consulting
  • InfoSec Risk Assessment
  • Penetration Testing
  • Ethical Hacking
  • Business Continuity Management
  • FedRamp
  • Disaster Recovery

About Us

Pivot Point Security has been architected to provide maximum levels of independent and objective information security expertise to our varied client base.

Free Resources »

Recent Blog Posts:

  • Aligning Security with Business Goals to Create More Value
  • The “Value Creation” Side of Return on Security Investment (ROSI) Estimates
  • A Risk-Based Approach to Calculating Return on Security Investment (ROSI)
  • Return on Security Investment (ROSI): What is It and How Do You Calculate It?
white ISO 27001 logo RPO Logo
  • Home
  • Blog
  • About Pivot Point Security
  • The Virtual CISO Podcast

© 2001 - 2022 Pivot Point Security Privacy Policy | Cookie Policy | External Linking Policy | Sitemap