Tag Archives: Penetration test

Security measures are often designed and implemented from the perspective of the defender i.e. from the inside looking out. From this perspective, 90% secure may look effective. To an attacker or pen tester on the outside looking in, a 10% opportunity would look like an open door.

Attend this lunch-time event and get the attackers perspective from a senior penetration tester and security engineer with more than 15 years experience. Reserve a place on this Webex by using the booking form below. 

Webex scheduled for:-

  • Thur 19th June 2014 | 1:00pm – 1:40pm

See the techniques that are being used to attack your web sites, intranet, extranet and web applications. The session will include a live demonstration of web hacking and technical social engineering techniques.

Find out about:-

  • Attacking Web Applications
    • Reconnaissance and Information Gathering
    • Vulnerability Mapping
    • Live Exploitation inc:-
    • Data theft
    • Firewall foolery – why your network firewall alone will not save you
    • Owning the OS using covert channels
    • Accessing a desktop session on compromised servers
    • Maintaining access and onward attacks
    • Mitigation
  • Social and technical engineering – The two pronged attack
    • The human element – be careful what you click
    • The technical element
    • Mitigation

We are now taking bookings for limited places. To reserve a place please complete the booking form below.

[si-contact-form form=’2′]


In today’s climate of business insecurity it is becoming increasingly important for businesses to take every conceivable precaution to protect themselves and their assets from risk and breach. You only have to look in a newspaper or go online to read about the latest hack attack or security breach to realise that business are facing these dangers every day. Millions of pounds are being lost, and countless crucial data sets are being compromised. These security breaches can cause loss or significant damage to people, brands, reputation and profits. Continue reading Penetration testing; why is it so important for business?


What’s the difference between a vulnerability assessment and a penetration test? The answer to that question depends on who you choose to ask. For some people they are effectively one and the same thing; for others there are clear distinctions. So what’s the true position? Are vulnerability assessments and penetration test effectively two sides of the same coin, or are there clear differences between the two? The short answer is that whilst a penetration test may be a form of vulnerability assessment, a vulnerability assessment is definitely not a penetration test. Continue reading What’s the difference between a vulnerability assessment and a penetration test?


With an increasing number of critical systems being placed within virtual environments, security is now understandably a prime concern. Systems can be attacked, and valuable information and assets can be compromised. Vulnerability management systems are designed to address these issues. Vulnerability assessment is the process of identifying how vulnerable an infrastructure is to known vulnerabilities—the number one threat to all networks today. The threats/risks found in the vulnerability assessment are then ranked and prioritized to expose the current security position, and to facilitate the re-mediation process. Continue reading There’s more to security risk management than just patching


Facebook and Apple have become the latest companies to reveal they had been the target of a “sophisticated cyber-attack” by hackers last month. Although security was breached both companies confirmed that they had found no evidence any user data had been compromised.

In a blog post on its website Facebook explained what it knew of the cyber-attack:

Continue reading Facebook and Apple are the latest companies to fall victim to cyber-attack


Most businesses will be aware of the vital importance of spotting security vulnerabilities within their network and applications, and many will also be aware that they will need to carry out a network penetration test to help them comply with the Payment Card Industry Data Security Standard (PCIDSS) requirements. Understandably many SMBs will look to find the cheapest and quickest way to comply with the required standards. However, some businesses might be surprised to learn that the service they are paying for isn’t necessarily what they think it is. PCI DSS is explicit in its requirement that a penetration test has to be performed, but it is rather vague when it comes to explaining what methods need to be employed when performing testing.

Continue reading What exactly are the requirements of Payment Card Industry Data Security Standards (PCI DSS)?


The security of both the critical national infrastructure and business interests is increasingly being threatened by cyber criminals. Terrorists, fraudsters, rogue states and individual activists are among the criminals who have been targeting computer systems in the UK over the last two years.

Continue reading Deception protection: innovative technology that detects, tracks, profiles and prevents hackers in real-time