Contact Us
Menu
Contact Us

by Eddie, on 05/06/2019 7:15:00 AM

Seen above is real source code we got access to in a recent web application penetration test by exploiting security vulnerabilities caused by poor secure coding practice. While inspecting source …

Read Story
Topics:GovernancePentesting

by Nat, on 11/04/2019 4:30:00 PM

Although cybersecurity insurance can appear attractive, it is important that businesses understand it cannot feasibly serve as a replacement for threat mitigation. The majority of cyber threats are avoided by …

Read Story
Topics:GovernanceFundamentalsRisk Assessmentrisk profile

by Nigel, on 10/12/2018 11:02:00 AM

Every information security framework and “best practice” guide to cyber security states that you need “management buy-in”, but why is it important and what does it look like? Management buy-in …

Read Story
Topics:GovernanceFundamentals

by Nigel, on 03/12/2018 12:56:00 PM

What Brush Turkeys Have Taught Me About Information Security It is that time of year again when a male brush turkey has made my backyard his home, tearing apart vegetation …

Read Story
Topics:InsiderGovernanceRed TeamingRisk Assessment

by Nigel, on 15/02/2018 5:45:00 PM

A big part of my job is conducting security audits or assessments of clients. In one assessment, I asked a client for some documentation, in this case a system design …

Read Story
Topics:Governance

Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|

Subscribe to Updates