Category: Blog

I would probably fill my car with petrol if I could get a penny for each time someone told me to “let’s assess our security culture by phishing staff”. It’s easy to…

Let’s start with vulnerability assessment. Enterprises should conduct continuous automated scanning to keep current on threats to their networks. The infrastructure penetration testing discussed in this blog post should then be used to dig…

TL;DR Cyber security is a growing concern. The following are the key points to remember: Ask questions about your supply chain and your IT and OT teams Evaluate the security configuration of each…

The rapid growth in Industrial IoT (IIoT), across all business sectors, continues to highlight the differences between safety and cybersecurity on safety-critical sites. For a long time safety has been culturally embedded…

Vulnerability disclosure can be difficult. I had hoped that bug disclosure programs (VDPs), and bug bounty programmes (bugger bounty), would make things easier. This doesn’t appear to be the case in general, and often…

Static Application Security Testing (SAST). This is a white-box type of testing, which requires access to the source code to ensure that it functions correctly. SAST can detect various security flaws in software, such…

API security refers to the creation of APIs so that attackers cannot exploit their vulnerabilities and other security features. Modern web application security includes API security. API vulnerabilities include code injection, rate-limiting issues, broken…

Unfortunately, there is no way to create a secure software program. Vile ransomware can sneak in through many different cracks in security infrastructure, infiltrating computers, and ultimately, entire companies through an email link…

Covid-19 has transformed our lives and our work. Remote working is now a major part of our lives, leading to an increase in cyber-attacks. Cost of Data Breach in 2021 (Measured In US$…

Every service-based organization now places a high priority on cybersecurity, as any security loophole can be used as an easy target for malicious attacks. Therefore, concentrating on thorough security testing procedures is…