Skip to main content
All Posts By


Lancera’s sister company HEROIC Cybersecurity wins the consumers’ hearts

By Blog, Press No Comments

Tech Conference Attendees Vote HEROIC People’s Choice Winner

HEROIC company pitch land audience’s vote during competition

Orem, UT – March 9, 2016 – HEROIC, the leading provider of next-generation consumer cybersecurity, today was voted as the 2016 Tech 10 People’s Choice award winner at Utah Valley’s Big Business and Technology Conference.

The annual Tech 10 Competition at the Big Biz Conference showcases new technologies released in Utah in the last year. Judges for Tech 10 include: Jeff Burningham (Peak Capital), John Richards (Startup Ignition), Ryan Davies (Clarke Capital), Jim T. Evans (Xactware), Clint Betts (Beehive Startups), Jeanette Bennett (UV BusinessQ).

Awards include: Best UX Design, Best Disruptive Technology, Best Sales Traction Achievement, Best Model Development, People’s Choice, Experts Choice & more.

To learn more about the Big Biz Conference and the TECH10 Competition, visit Bennett Events.

HEROIC on Social
Facebook, Twitter, LinkedIn, Instagram, HEROIC Blog

HEROIC is the leading provider of next-generation cybersecurity for home users and their devices. Unlike traditional antivirus products, our solution takes a predictive and proactive approach to intelligently secure users and their devices before an attack or threat occurs. The end result is a secure, device-friendly platform that offers users Preventative Network Security, Identity Theft Protection, Secure Online Backup and Malware Protection in one easy-to-use platform. To learn more, and for a free account, please visit

David McDonald

See more at

Inc 500 Press Release – August 17, 2016

By Blog, Press


Lancera Lands Spot on Inc. 500 List for Second Consecutive Year
Ranks No. 146 on Prestigious Inc. 500 List

PROVO, UT (August 17, 2016) – Today Lancera, the leading provider of Cybersecurity and Custom Software Services, ranked No. 146 in the recently-released 2016 Inc. 5000 List, Inc. magazine’s annual ranking of the fastest-growing private companies in the U.S. This is Lancera’s second consecutive year making the list, and its second year reaching the elite top 500. Lancera was also ranked No. 9 overall in the software industry and No. 5 for all Utah companies.

“It’s an incredible feat to be on the Inc. 500 list for two years in a row,” said Chad Bennett, Founder and CEO of Lancera. “This amazing achievement helps validate the hard work of our team and continues to prove the need for secure application development solutions. This is only the beginning of great things to come from Lancera and our affiliated companies.”

Lancera delivers growth-accelerating Custom Software Development, Online Presence, and Cybersecurity Solutions. In a time of heightened cyber threats, Lancera stands out as a leader in the emerging secure software development and cybersecurity markets. Significantly contributing to Lancera’s outstanding growth rate of 2,423% has been it’s IT support focused subsidiary company, Box Support, which was launched in 2014. Lancera is also helping to prepare for the public launch of its highly anticipated spin-off company, a consumer-focused cybersecurity platfrom that protects against hackers and cyber threats.

Lancera climbed three spots from Inc. magazine’s previous Inc. 5000 rankings – from No. 149 in 2015. For more information about Lancera’s ranking in the Inc. 5000, please visit

About the Inc. 500|5000 List
Each year, Inc. and celebrate the remarkable achievements of today’s entrepreneurial superstars. The Inc. 500|5000 list represents the fastest growing companies in the nation. Companies are ranked according to the percentage growth of their annual revenue over a three-year period. The 2016 list assesses revenues from 2012-2015 to calculate overall growth.

About Lancera
Founded in 2011, Lancera is a leading provider of Cybersecurity and Custom Software Development Solutions. Lancera leverages its significant foundation of cybersecurity and software development experience to help clients both protect and scale their business with peace of mind. Embracing a client-focused, collaborative approach, Lancera provides the technology and resource solutions to help accelerate business growth. For more information, visit

Wyatt Semanek
PR Manager
[email protected]

Lancera Receives Top 10 Honors at Utah TechX

By Blog, Press No Comments

Tech X

Lehi, UT – February 4, 2016 – Today Lancera, the provider of custom software, web development and cybersecurity solution, received honors in the annual TechX Revenue Accelerator program. The awards focus on Utah companies showing unparalleled trajectory in growth and sales.

As a business accelerator, TechX is a Park City Partners program that brings together sales and marketing disciplines to help companies address their three biggest problems; generating more leads, closing more business, and keeping more customers.

“This is the second time we’ve won this award,” said Chad Bennett, Founder of Lancera. “There are many up-and-coming companies that compete for these honors. It’s just special to know that what we’re doing continues to be recognized… the TechX program has helped Lancera grow tremendously.”

Since completing the TechX program, Lancera has continued to grow at record pace, receiving national recognition including a spot on the annual Inc. 500 list for consecutive years.

CONTACT US today to see how Lancera can help accelerate your growth.

Press Release – August 17, 2015

By Blog, Press No Comments

Lancera Named #149 Fastest Growing Private Company in America on Inc. 500 List

We’re extremely honored and thrilled to announce that Lancera has been named the 149th Fastest Growing Private Company in America on Inc. Magazine’s 500|5000 list. Lancera also received other Inc. 500 honors including #16 Top Software Company and #5 Top Utah Company.

Inc. Magazine’s 500|5000 list represents the fastest growing companies in the nation. Companies are ranked according to the percentage growth of their annual revenue over a three-year period. The 2015 list assesses revenues from 2011-2014 to calculate overall growth.

Lancera’s Founder, Chad Bennett, had a few remarks about our achievement, “We are honored to have ranked so high on such a prestigious and important list. This amazing achievement not only validates all of the hard work and sacrifice that we’ve put in as a company over the past three years, but it shows our upwards trajectory moving forward.”

Lancera’s amazing growth has come from an increasing need in the marketplace for software development and the exponential increase in cybersecurity threats. With hacking attacks becoming more frequent and more malicious than ever before, businesses desperately need a solution that can resolve these issues.

CONTACT US today to see how Lancera can help accelerate your growth.

Hacks Get Broader – Answers Still Simple

By Blog No Comments

Last week, a hacked Jeep made headlines. Today, it’s Android phones via text message. As more devices get smarter the targets get broader. In 2012, then FBI Director Robert Mueller talked about two kinds of companies: those that have been hacked and those that will be. With growing targets and continued hack proliferation, could the prevention answers still be simple?

Access the full text of the post by clicking here.

Can You Bring Down The Price?

By Blog No Comments

Did you know that the average cost of such data incidents is $100,000 according to multiple sources?

Given the nature of these incidents, I always marvel at the client who whines about the price of a proper penetration test. “Can you do any better?” or “Wow, we weren’t expecting that. Can you sharpen your pencil?” Seriously?

Access the full text of the article by clicking here.

The 3 Key Issues In Hiring a Software Development Company…

By Blog No Comments

The 3 Key Issues In Hiring a Software Development Company…

Bringing your vision to functional reality is not easy where software development is concerned. When hiring a custom development company, will it be able to listen to you and “get it?” Will it bring your functionality and envisioned user experience to a useable level?

One large organization I recently consulted with confessed to having a project overrun of more than a year and thousands of dollars in personnel and other costs. I have discovered this to be a common problem.

The purpose of this article is to provide three simple guidelines by which you may judge the effectiveness of a custom software development organization. Although this guidance is most appropriate for project-based development, the principles may also apply to managed outsourcing.

Access the full text of the article by clicking here.

3 Key Reasons You’ll Fail Your PCI Audit

By Blog No Comments

I am always astonished at the common recurring themes that expert penetration testers uncover during routine testing for requirement 11.3 of the PCI DSS. Since misery loves company I will assuage your pain by pointing out you’re not alone – I’ve seen these same issues for a decade now.

“Your database is in the DMZ isn’t it?” to which he sheepishly replied, “Yes!”

Here are those common reasons:

  1. I can pull down your entire database of key information.
  2. You’re still sending clear text passwords in your application.
  3. Your web application is fraught with XSS vulnerabilities.

Your Database

Yesterday I was speaking with a fellow at a business trade show. He lamented about how his business had recently been hacked, and all of his customer data had been altered such that all his customer addresses now show Ontario, Canada. I said, “Your database is in the DMZ isn’t it?” to which he sheepishly replied, “Yes!”

That is a simple example of ignorance, but more sophisticated organizations – those who process card data, for example, and even those with multiple POS systems and central data relays – have been known to display a more sophisticated (though no less forgivable) ignorance.

One such organization did have their database in a secure zone, but due to blind SQL vulnerabilities, the penetration tester was just one command short of downloading their entire database structure and data.

Another organization had no password on several logins, and as above, the tester was able to potentially download the entire database. In fairness, that scenario was on an internal white box test, but no less ignorance of the facts regarding the issue.

Clear Text Passwords

Organizations build and run applications. Some are public facing, others have internal access only. Either way, equally astounding is the fact that password schemas often pass such in clear text instead of using cryptography. This is every hacker’s dream, giving him access to data, systems or worse – root access.

I am always floored when a major SAaS company is discovered to be running clear text passwords in parts or all of its application(s). Many a company has been compromised due to this issue.

Cross Site Scripting

Web server applications that generate pages dynamically are vulnerable to a cross-site scripting exploit if they fail to validate user input and to ensure that pages generated are encoded properly. An example of this is en exploit that creates a link to a page that looks proper but sends the user to a phishing page to steal credentials.

This is always do to insecure application coding with a failure to properly validate the user input or handle error messages.

The point here is that I’ve seen this in many card processing organizations where the failure to fix this vulnerability could be disastrous.


Having pointed out recurring key issues, you may be saying, “Well I can see that in other companies but not in mine!” The problem is, sometimes when one vulnerability is fixed, others are introduced. So while you may have passed your point-in-time compliance audit last year, this year may be a different story.

It is instructive to point out the PCI requirement 11.3.1 which applies here: “Perform external penetration testing at least annually and after any significant infrastructure or application upgrade or modification.” Most companies simply don’t do this.

In summary, you don’t have to fail your PCI Audits every year – just test and fix before the auditor arrives (vs. waiting to test while your annual assessment is in progress), and during the ensuing year ensure that at least one additional pen test is conducted to avoid cascading accumulation of problems.

Press Release – May 7, 2015

By Press

For Immediate Release: Lancera Announces New Service for Security Compliance

Security backlog code remediation helps service providers, enterprises and merchants achieve quicker PCI, SOX and HIPAA compliance.

Provo, UT – May 6, 2015 – Lancera today announced a way for service providers, merchant, and enterprises to achieve quicker compliance with respect to PCI, HIPAA SOX and other standards.

“Once companies undertake a compliance path and begin penetration testing and security auditing, they quickly realize it will take months to fix the software loopholes which they have created. This is known as a security backlog. Unfortunately the business du jour prevents jumping on this immediately,” said Greg Johnson, VP of security strategy at Lancera.

Mr. Johnson continued, “Having spent many years working with companies trying to achieve PCI compliance, I observed that first-timers took six months or more, and it was not uncommon for some entities to spend a year preparing for compliance, no small part of which was fixing their security backlog.”

Lancera’s team of developers will correct anything from SQL injection or clear text passwords to data encryption or myriads of other types of code insufficiencies and vulnerabilities. Such a simple outsourcing engagement will keep business flowing and conserve valuable in-house resources while a team of experts corrects the code.

David McDonald, COO of Lancera, said, “We envision a time savings for our clients of 50% or better by providing this expert service. Instead of six months to compliance, it will take three or less.”

About Lancera: Lancera, the world’s trusted source for cyber security, provides expert penetration testing, assessment services, PCI consulting and software development services. For more information please contact Greg Johnson ([email protected]) at 1-855-LAN-CERA (526-2372).

549 East 1860 South
Provo, UT, 84606