KirkpatrickPrice

Security isn’t just about what’s behind the firewall, it’s also about what’s being shared outside of it. Sometimes, the biggest risks aren’t in the code, they’re in the conversations around it. While researching during an engagement, Aslan Konsavage came across a public developer forum where one of his client’s developers was sharing screenshots of their

What happens if your tools get it wrong? During our KP Panel Interview hosted by Allie Krings, we got to hear from our Director of Quality Assurance, Jeneil, about what she’s seeing in the field: when organizations change how they talk about risk, everything else changes too. A risk-aware culture anticipates threats, while a reactive

A good audit doesn’t exist to hand out gold stars. Sometimes, the best compliment an auditor can receive is:“You were tough on us.” On a recent call, the project director at a client company said exactly that about Shannon Lane’s audit — and meant it as the highest praise. They’d worked with plenty of auditors

Just because you bought a tool doesn’t mean you’re ready. Just because you’ve bought a tool doesn’t mean you are ready, you’ve just started.  Kyle Pardue, KirkpatrickPrice’s VP of Sales, has noticed a growing trend: more prospects are pursuing audits for the first time, and putting GRC tool selection ahead of auditor evaluation.  In one

Don’t just secure your code, secure the systems that build it. VP of Security Services, Randy Bartels, has seen a major shift in how teams manage their CI/CD pipelines. Jenkins, CircleCI, and other tools are being replaced by GitHub Actions at a rapid pace, but with that shift comes a new layer of responsibility: securing