Press Release

Coalfire Comments on Penetration Tests for Iowa Judicial Branch

September 18, 2019


Westminster, CO – September 18, 2019 –Coalfire, a trusted provider of cybersecurity advisory and assessment services, issued the following comments on recent penetration tests in which the Iowa Judicial Branch contracted with Coalfire for comprehensive security testing:

Malicious cyber criminals use all techniques at their disposal—fair or foul—to access valuable data from private and public organizations. Global cybersecurity firms such as Coalfire involved in technical testing are professionally contracted to simulate attacks using the same techniques any attacker may use to test the company’s defenses so that they can remedy their vulnerabilities before a real-world incident occurs.

Recently, two penetration testers employed by Coalfire were arrested in the Dallas County Courthouse during a security testing exercise to help the Iowa Judicial Branch ensure the court’s highly sensitive data was secured against attack. Coalfire was working to provide quality client service and a stronger security posture. Coalfire and State Court Administration believed they were in agreement regarding the physical security assessments for the locations included in the scope of work. Yet, recent events have shown that Coalfire and State Court Administration had different interpretations of the scope of the agreement. Together, Coalfire and State Court Administration continue to navigate through this process. To that end, the Iowa Judicial Branch and Coalfire will each conduct independent reviews and release the contractual documents executed between both parties.

State Court Administration has worked with Coalfire in the past to conduct security testing of its data and welcomed the opportunity to work with them again. Both organizations value the importance of protecting the safety and security of employees as well as the integrity of data.

Coalfire’s client confidentiality is one of the most important aspects of our business. We are providing this statement only to clarify an unfortunate set of events; since this is an evolving legal matter and involves confidential client work, we cannot comment on further details of the incident at this time. The Iowa Judicial Branch is also making a statement related to our work together; their statement will link to the contractual documents.

About Coalfire

Coalfire is the trusted cybersecurity advisor that helps private and public-sector organizations avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, assessments, technical testing and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives and fuel their continued success. Coalfire has been a cybersecurity thought leader for nearly 20 years and has offices throughout the United States and Europe.

For more information, visit

Press Contact:
Mike Gallo
For Coalfire