• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 

Blog

You are here

03

May

Adventures in Risk Assessments

ISO 27001 heavily uses risk assessments as part of the process of maintaining an Information Security Management System (ISMS). As part of the process, realistic threats to the company are listed, controls implemented, and effectiveness monitored.

28

Oct

PCI DSS 3.2 and Changes to PCI SAQs

PCI PCI DSS 3.2 became mandatory on the 1st of November 2016. This article will discuss changes introduced to the SAQs by the new version of the standard.

08

Sep

The Risk of Data Recovery from Damaged Drives

One of the biggest risks with selling used or second-hand computers is the chance the new owner will be able to recover usable information from the hard drive.

03

Aug

Android Binary Protection Methods

The majority of Android applications we test, even critical apps, do not prevent an attacker from successfully analysing, reverse engineering or modifying the app’s binary code. Most Android apps can easily be decompiled into readable source code that resembles the original.

29

Jul

The Real Impact of Cross-Site Scripting

Cross-site scripting (XSS) is probably the most prevalent high risk web application vulnerability nowadays, and yet it is still one of the most overlooked by developers and defenders alike. 

Pages