Jason Chavarría
Definition, implementation, importance and alternatives
Learn about vulnerability remediation, its place and importance in vulnerability management, and differentiate it from vulnerability mitigation and acceptance.
Jason Chavarría
Vulnerability scanning and pentesting for a safer web
Learn how website and web app security scanning work, their role in vulnerability management, and why mix them with pentesting in vulnerability assessment.
Jason Chavarría
Is your security testing covering the right risks?
You need to prioritize the security testing techniques that cover the actual threats you're facing. We explain how Lumu's MITRE ATT&CK® Global Matrix can help.
Jason Chavarría
Benefits of continuous over point-in-time pentesting
Continuous penetration testing beats periodic point-in-time pen tests. We present its benefits and how we overcome challenges to its implementation.
Jason Chavarría
For which security standards is pentesting a must-have?
We present whether penetration testing is required for compliance with these security standards: GDPR, GLBA, HIPAA, ISO 27001, PCI DSS, SOC 2 and SWIFT CSCF.
Jason Chavarría
Pentesting is a system-agnostic approach to security
The types of penetration testing include external and internal network, wireless, IoT, mobile application and social engineering pentesting. Learn more here.
Jason Chavarría
Differences between these security testing approaches
There is confusion around the differences between breach and attack simulation, penetration testing and red teaming. Read this blog post for a clear comparison.
Jason Chavarría
Our CLI is an approved AST tool to secure cloud apps
Fluid Attacks' automated tool is recommended by the App Defense Alliance for static scanning under the Cloud Application Security Assessment (CASA) framework.
Jason Chavarría
How BAS solutions work, their importance and benefits
Learn about what breach and attack simulation is, how it works, its role in security testing, and its benefits for defending against advanced threats.
