Identify. Evaluate. Remedy.

An enterprise wide perspective on cyber security

How resilient is your enterprise? Would you pass the dionach test?

Protect your organisation’s information assets and manage your cyber risk

Protecting information assets and managing cyber risk is our mission, and one that we are pursuing successfully for hundreds of organisations like yours across the globe at this very moment.

As your strategic partner, we offer an unparalleled breadth of advanced services to match every stage of your information security journey. Our global team of experienced specialists combine the highest calibre of expertise, technology and client care – delivering practical and proven solutions to strengthen your cybercrime defences across every surface.

Our Services

Assurance

Information security assurance through penetration testing and social engineering.

Compliance

Dionach helps organisations meet compliance requirements for standards such as PCI DSS, ISO 27001 and Cyber Essentials.

Response

We help many organisations through understanding and limiting breaches, and mitigating the risk of potential future breaches.

Our insight-led approach keeps you one step ahead

In today’s fast-evolving technological environment, cyber attacks are increasing both in volume and in sophistication. We are a leader in insight-led cyber security, drawing upon our renowned research and development team to keep our clients one step ahead of emerging threats and create new techniques to combat them.

Featured article

PCI DSS: 5 common mistakes to avoid

The message is clear: if you take card payments, PCI DSS applies to you. So why do some merchants remain non-compliant and risk hefty fines, reputational damage and potentially losing their ability to accept card payments? The following article highlights five common mistakes that we at Dionach regularly see in the course of our work as a PCI Qualified Security Assessor (QSA) and PCI Forensic Investigator (PFI).

Featured presentation

Red Team engagements and the forgotten risk of mobile devices

Speaker: Luca Pellegrino, Penetration Tester – DefCamp Bucharest 2019

During a red team engagement, going after low hanging fruit is the obvious choice – vulnerable web applications, external password spraying and spear phishing are amongst the most popular attacks.

However, when everything seems to fail, targeting mobile devices and mobile applications could be a surprisingly effective attack vector, due to poor policies around mobiles and the rise of Cloud Mobile Device Management (MDM) solutions.

In this talk Luca Pellegreno highlights the importance of mobile devices and demonstrates how this vector can be used in a real-world attack.

 

Latest from our

Technical
Blog

Phoenix Contact AXC F 2152 Denial of Service Vulnerability

Author: Oliver Carrigan – OT Security Consultant Introduction The Phoenix Contact AXC F 2152 is a Linux based industrial controller used within harsh industrial environments to control industrial processes such as manufacturing lines and building management systems....

Spoofing Microsoft Outlook Contact

Author: Mike Manzotti – Senior Consultant
As part of a red team assessment, I discovered a bug affecting the latest version of Microsoft Outlook for Microsoft 365 (which was version 16.0.13801.20240 32 bit and 64-bit at the time of the discovery).

An introduction to Dionach’s Ransomware Readiness Review

With the regularity of Ransomware attacks becoming alarmingly more frequent, within both the public and private sectors, everyone is now sitting up and paying extra attention to information security. Ransomware attacks are not new, the first attack was in 1989....

Over 200 public and private sector clients worldwide

Over 1000 penetration tests conducted every year

Over 50 highly qualified, experienced consultants