
Identify. Evaluate. Remedy.

An enterprise-wide perspective on cyber security

How resilient is your enterprise? Would you pass the Dionach test?

Protect your organization’s information assets and manage your cyber risk

Protecting information assets and managing cyber risk is our mission, and one that we are pursuing successfully for hundreds of organizations like yours across the globe at this very moment.

As your strategic partner, we offer an unparalleled breadth of advanced services to match every stage of your information security journey. Our global team of experienced specialists combines the highest caliber of expertise, technology and client care – delivering practical and proven solutions to strengthen your cybercrime defenses across every surface.

Our Services

Assurance

Information security assurance through penetration testing and social engineering.

Compliance

Dionach helps organizations meet compliance requirements for standards such as PCI DSS and ISO 27001.

Response

We help many organizations understand and limit breaches, and mitigate the risk of potential future breaches.

Our insight-led approach keeps you one step ahead

In today’s fast-evolving technological environment, cyber attacks are increasing both in volume and in sophistication. We are a leader in insight-led cyber security, drawing upon our renowned research and development team to keep our clients one step ahead of emerging threats and create new techniques to combat them.

Featured article

PCI DSS: 5 common mistakes to avoid

The message is clear: if you take card payments, PCI DSS applies to you. So why do some merchants remain non-compliant and risk hefty fines, reputational damage and potentially losing their ability to accept card payments? The following article highlights five common mistakes that we at Dionach regularly see in the course of our work as a PCI Qualified Security Assessor (QSA) and PCI Forensic Investigator (PFI).

Featured video

Data is the new oil & hackers know it!

In this interview, Rob Embers, our Chief Commercial Officer, discusses what organizations can do to stay one step ahead of hackers.

Featured presentation

Red Team engagements and the forgotten risk of mobile devices

Speaker: Luca Pellegrino, Penetration Tester - DefCamp Bucharest 2019

During a red team engagement, going after low hanging fruit is the obvious choice – vulnerable web applications, external password spraying and spear phishing are amongst the most popular attacks.

However, when everything seems to fail, targeting mobile devices and mobile applications could be a surprisingly effective attack vector, due to poor policies around mobiles and the rise of Cloud Mobile Device Management (MDM) solutions.

In this talk, Luca Pellegrino highlights the importance of mobile devices and demonstrates how this vector can be used in a real-world attack.

Latest from our Technical Blog

A Brief Story of a Red Team Security Assessment Part 1

Author: Wesley Renshaw – Lead Consultant
Our latest two-part blog series takes an in-depth look at a Red Team security assessment. This blog article provides technical details of our process, giving you an insight into how we work.

Insecure Mobile Apps Can Lead to AWS Account Compromise

Author: Mike Manzotti – Senior Consultant
Nowadays the number of mobile apps available on market stores such as Google Play or Apple’s App Store is constantly increasing. This fast-paced industry does not always consider cyber security a priority, especially when deadlines are tight, and often it is an afterthought.

In this blog I will guide you through part of a mobile app penetration test that allowed me to fully compromise an AWS account, which, amongst other assets, included a WordPress website hosted on an EC2 instance.

Over 200 public and private sector clients worldwide

Over 1000 penetration tests conducted every year

Over 50 highly qualified, experienced consultants