Hybrid Cloud Security – What is it and why is it important?
Learn about the key components of hybrid cloud security and the benefits and challenges of adopting a hybrid cloud environments and setups in business.
Learning about SOC 2 (Systems and Organisation Controls 2)
Explore OnSecurity’s services and products for enhancing your organization’s security posture. Understand the importance of SOC 2 compliance requirements.
MeVitae has chosen top talent again: A Pentest Partnership
Learn how OnSecurity’s portal-first penetration testing approach helped MeVitae accelerate quoting, booking, and remediation, outpacing other vendors.
Yonder chooses OnSecurity as its Cybersecurity partner
A new case study uncovering our real-time reporting, transparent pricing, and a seamless onboarding process making us the trusted choice for pentesting.
Pentest Findings: Bypassing Freemium with client-side security controls
Discover how one of our pentesters found that client-side security controls hadn’t been enabled in our customer’s target application, allowing them to access features reserved for paying customers, as well as how we fixed it.
What is a Penetration Test and why is it important for your business?
Penetration testing is a mostly manual process carried out by experienced consultants, using some of the same methods and tools a real hacker would. You decide on the scope of your test with your consultant, set your target, and your tester will get to work attempting to breach it. This blog will explore the importance of pentesting for businesses and how to begin.
Pentest Files: Docker Breakout Are you Taking Precautions?
Explore Docker’s security aspects: Understand how taking precautions is crucial to avoid vulnerabilities in this widely-used containerization platform.
Stealing Amazon EC2 Creds via Server Side Request Forgery
Explore our technique of using Server Side Request Forgery (SSRF) to successfully retrieve EC2 credentials, demonstrating advanced cybersecurity tactics.
Cloud Access Keys and Error Messages: The Risks of Exposing AWS Keys
Unveiling the risks of exposing cloud acces keys – particularly in reference to AWS (amazon web services) keys. This article shares a real example from a recent pen test conducted by our expert testers.
Password Reset Bugs: How They Work And The Risks They Pose
Here Tristan demonstrates how to reset any user’s password by altering the password reset functionality, revealing a crucial cybersecurity vulnerability responsible for password reset bugs and consequential exploits.