ProCircular

Name: ProCircular
Address: 2451 Oakdale Bvd, Coralville, IA, 52241, US
Telephone: +13193592632

Information Security and Privacy firm offering a full-service, client-based approach to corporate security strategy for midmarket companies.

We offer customized full-service security programs to protect your company and its customers' data. ProCircular reveals what you don’t know about security, prepare you for future security challenges, and protects your privacy. Powered by industry experts, driven by client success. There are a few organizations here and there who work in the area, but there's yet to be a serious contender in this p

art of the Midwest. We fill that gap and make top-tier information security capabilities available to the small and midsized businesses. It's just as much about the information they hold for their customers as their own data. Every organization has valuable data provided by the customer, and they generally assume that a company is doing everything they can to protect it. A mistake or a breach can have dire consequences, but companies can take steps to prevent problems ahead of time. Your data is likely in a variety of places, some of which you know about. It’s in the cloud, on your network, on mobile devices and potentially in the hands of others. We help you to sort out what’s important and what isn’t and can help you to protect this information. Our firm offers security and cyber-risk analysis paired with a stepwise approach to resolving issues found in the process. The solutions will be tailored to each organization’s unique needs and resources, layered to provide a number of areas of protection, and ongoing to help companies react to the ever-changing world of cyber-threats.

05/21/2026

Press Release:

Canvas is one vendor. Your SaaS risk isn't. Prepare for next time...
A new fixed-scope assessment of your Canvas exposure and the plan behind it.

Press Release here:
https://hubs.li/Q04hlY8W0

You don't have to be a ProCircular client to engage us, nor do you have to be on the ShinyHunters list of affected schools. You only have to recognize that if this happened with Canvas, the rest of your SaaS stack deserves the same scrutiny.

Reach out [email protected] to find out mor

Standardized engagement helps institutions validate their response against FERPA, GLBA Safeguards Rule, state student-privacy statutes, and HIPAA as applicable

05/20/2026

Canvas is one vendor. Your SaaS risk isn't. Prepare for next time...
A new fixed-scope assessment of your Canvas exposure and the plan behind it.

The Canvas breach got your attention. The lesson isn't really about Canvas. Every SaaS platform your institution runs, your LMS, your SIS, your payment and research tools, carries the same accumulated risk Canvas did. Developer keys, third-party integrations, webhook subscriptions, and federated SSO grants, authorized over the years and rarely reviewed since. Canvas didn't create that exposure. It just made one instance of it impossible to ignore.

ProCircular has opened the Canvas After-Action Assessment, a new, fixed-scope, time-bound engagement built alongside a Big Ten university in response to the incident in real time. It reconstructs what data actually flowed through Canvas at your institution, which notification obligations apply, and what a clear 90-day plan looks like. Six work streams, findings mapped to NIST CSF 2.0 and HECVAT 4.0, deliverables your auditors and insurance carrier can use without translation.

Press Release here:
https://hubs.li/Q04hl-yt0

You don't have to be a ProCircular client to engage us, nor do you have to be on the ShinyHunters list of affected schools. You only have to recognize that if this happened with Canvas, the rest of your SaaS stack deserves the same scrutiny.

Reach out [email protected] to find out more!

05/15/2026

The Canvas security incident was a wake-up call for institutions everywhere.

Our team responded quickly, hosting a live webinar to break down exactly what happened, what it means for organizations relying on third-party platforms, and the steps you can take to strengthen your cybersecurity posture before the next incident makes headlines.

The recording is now available on demand: https://hubs.li/Q04gPbPT0

You'll hear from ProCircular's cybersecurity experts on:
- What the Canvas incident revealed about third-party risk
- What higher ed and data-sensitive organizations should be doing right now
- Actionable steps to improve your security readiness today

Whether you attended live or are just hearing about this now, it's worth your team's time.

Missed the Canvas Webinar? Discover the full recording now to access expert cybersecurity insights and enhance your security readiness with ProCircular.

05/14/2026

The Post-Canvas Breach Field Briefing. - today at 1pm. It's worth your time

News about the Canvas/Instructure data breach has been everywhere this week. It affects roughly 8,800 schools and universities, including K-12 districts and major universities nationwide.

If you're a superintendent, board member, trustee, or school leader thinking through what this means for your district or campus, this Thursday's free briefing is for you. ProCircular's Bradley Greer and Michael Johnson cover what's actually known, what it means for students and families, and the kinds of follow-on activity we typically see in the months after vendor breaches in education.

https://hubs.li/Q04grrfS0

05/13/2026

Canvas still on your mind?

Two cases worth studying alongside the Canvas incident: AT&T, which paid roughly $370K in 2024, and PowerSchool, which paid $2.85M in December 2024. In both, the data still surfaced.

The PowerSchool sequence is the closest analog to where Canvas customers are now. Five months after the original payment, individual districts started receiving direct emails containing authentic samples of their own data. Some were signed "ShinyHunters." It's the pattern worth planning around — the May 12 deadline is one moment in a longer arc.

Tomorrow at 1pm Central, ProCircular's Bradley Greer and Michael Johnson cover the six-action response sequence, the follow-on activity we're tracking, and where FERPA, the GLBA Safeguards Rule, and state student-privacy law actually apply.

Free. 60 minutes. Built for leaders making decisions over the next 90 days.

If you’re the person at your institution being asked what the Canvas breach means and what to do next, this briefing is built for you. On May 7, mid-finals week, ShinyHunters published a list of roughly 8,809 schools and universities and took Canvas offline. While Instructure has since paid the ra...

05/12/2026

Canvas - What Comes Next?

The Canvas Outage was a great example of third-party dependencies gone sideways. Higher Education carries a heavier cybersecurity load than most, while concurrently protecting students, faculty, researchers, and staff across thousands of vendor relationships, and serving as one of the most consistently targeted industries in the country.

The Canvas incident is the latest in a 24-month run of identity and OAuth compromises that share a pattern. Attackers have moved past code-level vulnerabilities. They're working through identity trust relationships, OAuth grants, and the SaaS integrations institutions authorized years ago. AppSec programs in higher ed are working through what the shift means for them.

This Thursday at 1pm Central, Jim Sherlock and Michael Johnson — the two ProCircular team members who built our Canvas After-Action Assessment — walk through what the breach tells us about third-party risk in education, where FERPA and the GLBA Safeguards Rule actually apply, and what a clear-eyed 90-day plan looks like.

If you want a plan for what's next, please join us!
https://hubs.ly/Q04gcWcj0

05/08/2026

Monitoring the Canvas Incident: We're working with the affected organizations and providing information as it becomes available.

Stay informed on the latest in information security with ProCircular’s insights. From ransomware recovery to AI risks, explore key topics to enhance your security.

05/07/2026

Shadow AI: The Risk Your Security Tools Can’t See

Discover the hidden risks of shadow AI in your organization and learn how to implement simple governance to protect sensitive data and enhance security.

05/04/2026

#1 in the Nation. That's our guy!

Congratulations to Bradley Greer, SOC Analyst II at ProCircular, for earning the top spot in the National Cyber League Spring 2026 Individual CTF Competition, in the highly competitive experienced bracket.

This kind of result doesn't happen by accident. It's the product of relentless curiosity, deep technical discipline, and commitment to continuous growth.

Bradley, we're thrilled for you and so proud. The work you put in every day shows, and now the whole country knows it.

04/21/2026

Claude Mythos is coming soon...

As AI-driven vulnerability discovery accelerates, mid-market organizations need a practical view of what’s real, what’s overhyped, and what to do next.

Here's the uncomfortable truth for mid-market organizations: you're not in that coalition. But you will inherit the consequences. And researchers have already shown that smaller, cheaper AI models can reproduce much of this same vulnerability detection. This capability is spreading faster than the "restricted preview" framing suggests.

The defender's advantage window is open RIGHT NOW. It won't stay open long.

Join ProCircular’s Jim Sherlock for a 30-minute flash briefing:

Unpacking Mythos: Cybersecurity AI 2026
Apr 23, 2026 | 2:00 PM CT

Register here: https://hubs.li/Q04cFsrC0

C

Address

2451 Oakdale Bvd
Coralville, IA
52241

Telephone

+13193592632

Website

https://www.procircular.com/contact/

Alerts

Be the first to know and let us send you an email when ProCircular posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Shortcuts

Want your business to be the top-listed Business in Coralville?