The Coalfire Labs Blog

Welcome to the Coalfire Labs Blog, a resource covering the most important issues in IT security and compliance.  The Coalfire Labs blog is written by the company's leadership team and our highly-credentialed security assessment experts.


  • Compensating Controls: When Patching Isn’t an Option

    February, 2019, Steve Durham, Consultant, CoalfireOne Scanning Services

    Your software vendor is asleep at the wheel and your devs still need that legacy daemon.

  • The HOW, WHY, and HUH? Blog on Disputes

    January, 2019, Travis Finn, Consultant, CoalfireOne Scanning Services

    As you may know, performing vulnerability scans is a requirement for PCI DSS compliance. One of those specific requirements, described in section 11.2.2, states that quarterly external scanning must be done by a qualified Approved Scanning Vendor. Coalfire just so happens to be an ASV, so if you need these scans we would happily oblige!

  • It wasn't raining when Noah built the ark

    April, 2014, Craig Billado, Forensic Analyst, Coalfire Labs

    This month movie-goers around the world will flock (possibly two-by-two) to see Darren Aronofsky’s ‘Noah’—a silver-screen adaptation of the timeless biblical story, starring Russell Crow and Jennifer Connelly .  Whether one interprets the flood narrative literally or figuratively, this fact remains:  the time to prepare for disaster is not after the fact but beforehand. This is true whether the calamity is divine or human in origin.

Top