• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 


You are here



What is the difference between ISO 27001 and ISO 27002?

In short, ISO 27001 is the standard for implementing an Information Security Management System (ISMS) that companies are certified against. It details what organisations must implement in order to have an ISMS that meets the requirements of ISO 27001.



OWASP Top 10 2017 Final Release Review

Back in May 2017, I reviewed the release candidate (RC1) version of OWASP (Open Web Application Security Project) Top Ten Web Vulnerabilities for 2017, which as stated within the previous blog entry, has been eventually rejected.



Active Directory Password Auditing Part 2 - Cracking the Hashes

In part 1 we looked how to dump the password hashes from a Domain Controller using NtdsAudit. Now we need to crack the hashes to get the clear-text passwords.



How to Spot Phishing Email Attacks

Social engineering attacks are becoming increasingly popular amongst attackers, as a strategy to breach companies. Verizon carried out a study on social engineering attacks and found that over 43% of breaches that were documented involved some form of social engineering attack.



Quick Comparison Between iOS and Android Encryption

Encryption in mobile devices is tricky and often developers do not fully understand the mechanisms that iOS and Android, the most common operating systems for mobile devices, provide to ensure data stored on the devices remains relatively secure.