PenScan Blog

Security insights for builders and teams.

Practical guides, compliance breakdowns, and vulnerability research from the PenScan team.

All posts Guides Compliance Education Engineering Security

Guide

How to run your first penetration test in 30 minutes

A complete walkthrough for teams with no security background — from adding your domain to reading the results and deciding what to fix first.

Claire Jensen June 18, 2024 8 min read

Read article

Compliance

SOC 2 Type II: what security evidence auditors actually need

Most teams over-engineer their SOC 2 evidence package. Here's exactly what auditors look for in the CC7 and CC9 controls — and how automated penetration testing satisfies them.

Tom Barrett 11 min read

June 12, 2024 Read

Education

OWASP Top 10 explained in plain English

No security background needed. We break down each of the 10 most critical web application security risks — with real-world examples from apps you use every day.

Sarah Novak 12 min read

June 5, 2024 Read