OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Phishing, a cyber-crime that targets victims through email, has become the most common form of
Launched in 2015, Wishbone is a social networking app that encourages users to have their
Uncover the mechanics of ransomware and prevention strategies to safeguard your network against cybercriminal tactics
Explore the financial implications of data breaches, a frequent occurrence in today’s digital world. Learn
What happened in 2014 when Sony became the victim of an attack? Explore how Wiper
Recently I was tasked to conduct an external infrastructure penetration test against a select few
Preventing complacency in testers is crucial to ensuring you have a successful test. Learn about
Get insights into email phishing from an Ethical Hacking Veteran. Learn common tactics with real-world
Explore the future of pentest reports as we unveil the next-generation approach. Discover what’s on
Discover the challenges of managing extensive database audits and our innovative solution using Elasticsearch, a
A Penetration Testing Pro shows how social engineering works in the real world. Hackers techniques,
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass
Discover how you use Burpsuite Collaborator persistently for enhanced cybersecurity testing. Now it’s possible to
Join Gus, explore advanced techniques for detecting and exploiting SQL Injection vulnerabilities in PostgreSQL-based web
Effortlessly obtain a penetration testing quote online without sales calls. Experience a streamlined, hassle-free process
Look into IT Security through the eyes of a pen-tester. We’ll uncover the inner workings and provide in-depth insights for a comprehensive understanding.
Unveiling the origins of the first PC virus prank. Dive into the history of pioneering cyber mischief and understand the Elk Cloner Virus in OnSecurity’s blog.
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are the backbone of any thorough
External penetration testing methodology: what is it and how does it work? External penetration testing is a crucial cybersecurity measure
Cybercriminals are no longer targeting just the big players. In fact, small businesses are firmly in their sights too. With
Cyber threats are evolving, and every business – large or small – faces potential risks. A single vulnerability in your network infrastructure can lead to data breaches, financial losses and reputational damage. Network penetration testing is a proactive approach to uncover and address these vulnerabilities.
Mobile devices are firmly embedded as a huge part of daily life, and therefore making sure Android apps and devices
Penetration testing is a crucial investment in your organisation’s cybersecurity, but understanding the associated costs can be challenging. While there’s
Maximise your pentest impact with OnSecurity’s guide on leveraging reports to enhance your security posture and confidently and quickly share results
What is Penetration Testing? Penetration Testing, otherwise known as “pentesting” or ethical hacking, is the beating heart of all good
Discover now how our tester skillfully exploited multiple SQL injection vulnerabilities to extract valuable data from an application’s backend databases.
Highlighting a critical cybersecurity issue: Unauthorised access is inevitable wherever default credentials are used, underscoring the need for caution.
Cloud-native security systems are transforming the way businesses protect their digital assets. Built for the cloud, these systems offer dynamic and scalable solutions to defend against evolving threats. In this blog, we’ll explore what cloud-native security systems are and why they’re essential for modern businesses.
Explore OnSecurity’s services and products for enhancing your organization’s security posture. Understand the importance of SOC 2 compliance requirements.
Explore Docker’s security aspects: Understand how taking precautions is crucial to avoid vulnerabilities in this widely-used containerization platform.
Explore our technique of using Server Side Request Forgery (SSRF) to successfully retrieve EC2 credentials, demonstrating advanced cybersecurity tactics.
Unveiling the risks of exposing cloud acces keys – particularly in reference to AWS (amazon web services) keys. This article shares a real example from a recent pen test conducted by our expert testers.
Discover the key differences between vulnerability assessment and penetration testing, and learn which approach is right for your security needs.
Discover what ISO 27001 entails and how it can enhance your information security. Read our comprehensive guide to strengthen your security framework.
Discover the top emerging AI security risks in 2026, including AI-driven phishing, autonomous agents, model attacks, shadow AI, and governance gaps.
Build a proactive cybersecurity culture. Learn how CISOs can drive lasting behavioural change, boost awareness, and reduce cyber risks
Turn penetration test results into action. Follow this step-by-step remediation checklist to fix vulnerabilities and boost security.
Learn 9 key cybersecurity metrics boards care about to prove ROI, reduce risk, and align security with business goals.
Explore the top penetration testing challenges CISOs face in 2025 and how AI-powered continuous pentesting is reshaping security assurance.
Learn about LLM prompt injection attacks and exclusive tips and tricks on prompt injection defence in our latest expert blog.
LLM jailbreak guide: examples, attack types, and a practical testing checklist to identify vulnerabilities and boost model safety
Discover what AI red teaming is, why it’s essential for AI security, and how to start testing your systems for vulnerabilities before attackers do.
Discover how AI is transforming cybersecurity. Explore how hackers exploit AI, how defenders fight back, and who holds the upper hand in today’s AI cybersecurity battle
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors & best practices.
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and protect your CI/CD pipeline effectively.
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.
