- Cyber Essentials
- Penetration testing
The Importance of The Cyber Essentials Scheme
The Cyber Essentials Scheme is a UK-based certification program that aims to help organisations improve their cybersecurity posture and protect themselves from common cyber threats. The scheme covers five core pillars of security: secure configuration, boundary firewalls, access controls, patch management, and malware protection. By implementing these controls, organisations can reduce the risk and impact of cyber attacks, which affect 32% of UK businesses and cost around £736 million in 2021. The scheme also offers benefits such as enhanced market reputation, lower cyber insurance premiums, and compliance with government contracts. The Cyber Essentials Scheme is therefore an essential certification for any organisation operating in the UK, regardless of size or sector.
- Penetration testing
- Tools and techniques
The Overlooked Control: Cache-Control in Mobile App Security
In the realm of mobile application development, attention often gravitates towards high-profile security vulnerabilities like SQL injection, business logic flaws, or weak access controls. However, one crucial aspect that often slips under the radar is the proper implementation of cache-control settings, especially when handling Network API requests. While seemingly innocuous, neglecting cache control can open a Pandora's box of security risks, a fact often overshadowed by more sensational security findings.
"Assumed Compromise" Assessments: A Guide
In red teaming, defining the business objectives of the exercise early is essential to driving the best value realisation from the exercise. Each attack simulation involves a bespoke scoping exercise, and it is during these scoping processes that we discuss different ways of potentially achieving the desirable business objectives and the pros and cons of each.