.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
PCI DSS Penetration Testing: A Practical Compliance Guide
by Derek Boczenowski on April 30, 2026 at 3:23 PM
Here is a conversation we have more often than we would like to admit. We are on a call with an organization that processes payment cards, and we ask how they are tracking against PCI DSS. The response comes back fast and confident: "Oh, we are good. We have an ASV doing our quarterly …
Security Consulting Firms Offering Virtual CISO Services Stand Out
by William DePalma on March 20, 2026 at 11:47 AM
The cybersecurity services market has become increasingly specialized. Some providers focus exclusively on technical testing, conducting penetration tests, vulnerability assessments, and red team exercises. Others concentrate entirely on governance, risk, and compliance (GRC), offerin …
We Let AI Run a Penetration Test. Here's What It Got Wrong.
by Jesse Roberts on March 13, 2026 at 12:50 PM
AI is transforming cybersecurity. From threat detection to vulnerability scanning, organizations are racing to integrate artificial intelligence into their security programs. And for good reason. AI tools can scan faster, cover more ground, and work around the clock without fatigue. B …
Pen Testing Automation Problem: Why Human Expertise Matters
by Patrick Laverty on February 20, 2026 at 4:44 PM
The cybersecurity industry has a new buzzword problem, and this one could leave your organization dangerously exposed.
How Much Does a Penetration Test Cost for a Small Business?
by Jesse Roberts on November 5, 2025 at 12:30 PM
If your small business is considering a penetration test, it’s a smart move. A proper test gives you insight into how an attacker could exploit your systems and provides actionable findings that help you protect your business’s reputation, operations, and customer data. At the same ti …
Red Team Testing: When Your Organization Is Ready (& Why It Matters)
by Patrick Laverty on September 8, 2025 at 2:15 PM
Cybersecurity testing isn’t a one-size-fits-all process. Different organizations are at different maturity levels, and the type of testing you should be investing in depends on how far along you are in building your defenses. One of the most common questions security leaders face is: …