Secure by Design in Practice: A Guide for UK Government Product and Delivery Teams

A practical guide to implementing Secure by Design in UK government product delivery. Covers risk-driven design, lifecycle security activities, compliance with the PSTI Act, and how regular penetration testing keeps your security posture continuously validated.

Pentest Files: Hijacking Admin Invitations to Bypass the Login Wall

OnSecurity’s Pentest Files uncovers the latest vulnerabilities and real-life remediation steps to protect businesses from malicious attacks. In this article we find out how our Head of Pentesting is able to hijack admin invitations to bypass the login wall in our client's infrastructure.

Pentest Files: Log File Injection Leading to Remote Code Execution

OnSecurity’s Pentest Files uncovers the latest vulnerabilities and real-life remediation steps to protect businesses from malicious attacks. In this article we find out how Craig discovered a Log File Injection leading to remote code execution.

A Guide to Adversarial Testing for AI

Learn what adversarial testing is, how red teaming secures AI systems, key attack scenarios, and best practices for evaluating LLM and ML security risks.

GDPR Basics: A Practical Guide to Data Protection

Learn GDPR essentials: data protection principles, subject rights, breach management, and compliance tools to safeguard personal data effectively.

The Security of SaaS: From Risk to Resilience in Cloud Environments

Learn how to secure SaaS applications with expert strategies for data protection, access control, compliance, and threat detection.

ISO 42001 Compliance: A Guide for Businesses

Learn what ISO 42001 is, why it matters, and how businesses can implement AI governance, manage risk, and align with EU AI Act compliance requirements.

When Should I Cloud Penetration Test? An Overview of Industry Standards, Critical Triggers, and Compliance Requirements

Learn how often to conduct cloud penetration testing based on your compliance needs, risk profile and cloud maturity level, from security experts.

How to Implement Secure Software Development Cycles: 5 Essential Steps

Build a secure software development cycle: integrate pentesting & shift security left. Guide for security leaders & developers.

How Healthcare Organisations Can Protect Patient Data: An Overview

Protect patient data in healthcare with essential security measures, pentesting insights, and UK data protection guidance.