OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Discover cloud security strategies for fintech AWS and Azure deployments in OnSecurity’s latest blog
Mobile application penetration testing is a critical component of any organisation with a mobile app
Outdated software and operating systems can leave your business vulnerable to cyberattacks, with potentially devastating
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks,
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to
Learn how to integrate penetration testing into CI/CD pipelines seamlessly. Expert tips for balancing speed
Smishing, a form of cyber-attack that uses SMS messages to deceive victims, is on the
Mobile devices are firmly embedded as a huge part of daily life, and therefore making
Cyber threats are evolving, and every business – large or small – faces potential risks.
Cybercriminals are no longer targeting just the big players. In fact, small businesses are firmly
External penetration testing methodology: what is it and how does it work? External penetration testing
2024 has been a transformative year for the OnSecurity team, marked by progress and significant
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are
Defend against BlueKeep’s looming threats. Insights on securing systems from potential widespread attacks and common BlueKeep exploits. This blog will help you stay informed of threats.
Preventing complacency in testers is crucial to ensuring you have a successful test. Learn about why an alert and proactive testing approach is essential.
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass methods and various exploitation techniques in this insightful post.
Understand the Power of Secure Code: Enhance Business Security with Proactive Code Audits. Discover vulnerabilities, ensure compliance, and build trust.
Roles in software engineering are becoming more popular with advances in technology and require a key set of skills. Here we run through how to become a software engineer
Learn about spoofing in cyber security, how it works, common types, and how businesses can detect and protect against this growing cyber threat.
Learn how OnSecurity evolved from the vision of a few founders to an industry-leading pentest provider, as shared by one of its founding members.
Learn how iOS penetration testing uncovers vulnerabilities in your mobile apps, ensuring robust security and protecting user data on Apple devices.
What are the differences between ISO 27001 and SOC 2, Type 2? How can I choose the right cybersecurity framework for my organisation?
Ensure your Open Banking APIs meet regulatory standards with robust security testing. Learn key methods, risks, and compliance best practices.
Discover the risks of using unsecured WiFi and learn effective strategies to protect your data. Read more to safeguard your online security today.
Discover the top 10 fintech app security vulnerabilities found in 2025, plus practical fixes to help your team improve security and reduce cyber risk.
Learn the essentials of hashing in cyber security, its importance, and practical applications. Discover how it protects data integrity—read more now!
Ensure secure fintech mergers with penetration testing best practices. Learn how to reduce risk, protect data, and support due diligence during M&A deals.
Discover the true cost of a retail data breach and why regular penetration testing is a smart, ROI-positive investment, not just a compliance requirement.
What is a penetration test and why should I get one? A penetration test (aka pen-test), is an authorised simulated
Discover effective strategies to streamline and simplify penetration testing. Learn how to alleviate the complexities for a more efficient testing process.
This post explores each of the initial compromise methods for the TryHackMe x HackerOne CTF. Diving into the web security flaws and PHP tricks abused to gain access to the host webserver.
Protecting the data, valuables and account information related to your business has become even more vital as our workplaces have
Apple claims that its Mac computers are well protected by in-built antivirus features, and there is no need to worry about extra security – how true is this?
Delve into OnSecurity’s research on Go’s server-side template injection vulnerabilities, revealing potential for file reads and RCE exploits. Read more now.
Explore the challenge of vulnerabilities exploited before fixes. Learn how to address security gaps and protect against threats in this insightful discussion.
Learn 3 essential steps to enhance your cybersecurity posture, and effectively mitigate emerging zero-day vulnerabilities for comprehensive threat protection.
Here you can discover the history and impact of MyDoom, the fastest spreading and most damaging computer virus to date, on OnSecurity’s informative blog post
Explore the rise of social engineering threats. Understand how individuals are manipulated to divulge sensitive information, passwords, and financial details.
Dive deeper into Spear Phishing, a sophisticated cyber attack targeting specific individuals to gain unauthorized access to confidential data and files.
CVE hunting within open-source applications – invaluable insights for identifying vulnerabilities, ensuring robust security in open-source software.
Learn proactive cyber threat prevention through threat modeling. Discover how to anticipate and mitigate security incidents before they occur with this guide.
Recruitment companies are a prime target for hackers. We go over the main aspects that recruitment companies should be careful of with their CyberSecurity
Phishing, a cyber-crime that targets victims through email, has become the most common form of online attack. Hackers will attempt
Safeguard your inbox against cyber threats. Explore our expert insights on spotting and avoiding phishing attempts to enhance your online security strategy.
7 effective strategies to improve your company’s security. Discover actionable steps to fortify your defences against cyber threats and safeguard your business.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.