The 3rd party security nightmare

It appears 3rd party integrations are the flavour of the month for security incidents at the moment. The latest is Ticketek Australia, where some of its customers may have had their personal details exposed, including names, dates of birth and email, all of which was managed by a “reputable, global third-party supplier”. In other words, a global […]

Cyber Security

Cybersecurity Expert Sydney

In an era where digital vulnerabilities pose an ever-increasing threat to businesses worldwide, the significance of cybersecurity expertise cannot be overstated. With sophisticated cyber-attacks on the rise, the role of a cybersecurity expert has evolved from merely safeguarding digital assets to actively predicting and mitigating potential risks. To fortify your organization’s resilience against these imminent […]

Protecting against the biggest security vulnerability

First off, do you know what the biggest single cause of security vulnerabilities and successful attacks against computer systems is? A lot of people think of insufficient access controls, a lack of process, SQL injection, etc., but there is something more fundamental sitting behind a lot of these that often gets overlooked. I’m talking about […]

The Defence in Depth Security Model Explained

The Defence in Depth Security Model is one of those security concepts I often see incorrectly implemented or not used to its full potential to protect services or systems. There is way more to it than first meets the eye. In this article you will learn: What is the Defence in Depth Security Model? The […]

robots.txt Pen Test extension

Given that I’m seeing an increase in unauthorised, and essentially illegal, Pen Tests against business production instances, which only serve to: Test the firewalls around your production instance (rather than testing the application code directly), Put at serious risk the availability of the web service under ‘test’ by consuming resources that should be only used […]