OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Discover how AI is transforming cybersecurity. Explore how hackers exploit AI, how defenders fight back, and who holds the upper
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors & best practices.
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and protect your CI/CD pipeline effectively.
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and
Discover cloud security strategies for fintech AWS and Azure deployments in OnSecurity’s latest blog
Mobile application penetration testing is a critical component of any organisation with a mobile app that collects or handles sensitive
Outdated software and operating systems can leave your business vulnerable to cyberattacks, with potentially devastating consequences. Discover the risks they
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without
Learn how to integrate penetration testing into CI/CD pipelines seamlessly. Expert tips for balancing speed and security in DevSecOps.
Smishing, a form of cyber-attack that uses SMS messages to deceive victims, is on the rise. By exploiting human trust,
Mobile devices are firmly embedded as a huge part of daily life, and therefore making sure Android apps and devices
Cyber threats are evolving, and every business – large or small – faces potential risks. A single vulnerability in your
Learn about the key components of hybrid cloud security and the benefits and challenges of adopting a hybrid cloud environments and setups in business.
Uncover strategies for recognizing impending phishing attacks. This post details our proactive approach in warning a customer about a serious fraud attempt.
Holyrood reports on the UK Government’s £700,000 fund initiative to expand the cyber security sector, signaling huge significant growth and development.
Microsoft email servers are being targeted by hackers after a series of vulnerabilities were detailed at a computer security conference in August
Stay informed with the latest strategies tackling cybercrime as governments announce robust plans. Dive into the blog for crucial cybersecurity updates.
Discover why over half of UK businesses are hiring CISOs to combat cyber threats, with OnSecurity’s updated insights on the evolving role in cybersecurity
Discover crucial insights on the actively exploited Microsoft zero-day vulnerability. Protect your systems with expert advice and stay ahead of cyber threats.
Explore how remote working can define an organisation’s agility and crisis response, all while also considering the potential risks associated with the cloud security landscape.
“Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6, The Financial Times reports.
Google’s very impressive record: Zero successful phishing attacks on a massive workforce of 140,000+ employees. Discover their security success story.
Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6, The
Catch Of The Week Did you know that Google has never been the victim of a successful phishing attack? Not bad for
Sony is a gigantic multipartite corporation that has been prone to multiple different types of hacks, find out why and how they improve their security posture
Explore the risks businesses face with internet-stored data and the prevalent distrust in online security, highlighting the need for robust protection.
A compilation of tricks and checks for when a file upload is encountered in an offensive security test.
Learn the key differences between penetration testing vs. vulnerability scanning. Understand when to use each method for optimal cybersecurity protection.
Discover the differences between ethical hacking and penetration testing, how they protect your business from cyber threats, and when to choose each for security assessments.
Explore API pen testing, its benefits, common vulnerabilities, and best practices to strengthen your business’s security posture.
Explore OnSecurity’s services and products for enhancing your organisation’s security posture. Understand the importance of SOC 2 compliance requirements.
Unravel the essentials of ISO 27001 certification in this blog. Explore critical insights and guidelines for a robust security management system.
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritising threats
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials and access AWS S3 buckets, showcasing cybersecurity risks.
Join our unique and growing pen-testing company and showcase your talent. We’re seeking skilled pen-testers who stand out from the crowd, apply here now!
You can now explore the purpose and process of penetration tests (pen-tests), authorised simulated cyber-attacks that assess the security of computer systems.
What is a penetration test and why should I get one? A penetration test (aka pen-test), is an authorised simulated
Discover effective strategies to streamline and simplify penetration testing. Learn how to alleviate the complexities for a more efficient testing process.
Learn about spoofing in cyber security, how it works, common types, and how businesses can detect and protect against this growing cyber threat.
Learn how OnSecurity evolved from the vision of a few founders to an industry-leading pentest provider, as shared by one of its founding members.
Learn how iOS penetration testing uncovers vulnerabilities in your mobile apps, ensuring robust security and protecting user data on Apple devices.
What are the differences between ISO 27001 and SOC 2, Type 2? How can I choose the right cybersecurity framework for my organisation?
Ensure your Open Banking APIs meet regulatory standards with robust security testing. Learn key methods, risks, and compliance best practices.
Discover the risks of using unsecured WiFi and learn effective strategies to protect your data. Read more to safeguard your online security today.
Discover the top 10 fintech app security vulnerabilities found in 2025, plus practical fixes to help your team improve security and reduce cyber risk.
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems, data, and customer trust.
Find out why you need to protect your business against zero-click malware. Discover the best ways to defend your business against attacks.
Learn what MFA fatigue is, why it poses a security risk, and discover practical steps businesses can take to prevent and mitigate it effectively.
Learn how to build effective cybersecurity policies for your small business. Practical steps to protect data, ensure compliance & reduce risks.
Discover how enterprise businesses can tackle remote working cybersecurity risks with pentesting, clear policies, and training.
Discover 5 effective ways to protect your business from deepfake scams, including employee training, testing processes, and AI-generated content detection.
Learn about brute force attacks in cyber security, how they work, types, signs to watch for, and ways to protect systems from unauthorised access and potential data breaches.
Learn about brute force attacks in cyber security, how they work, types, signs to watch for, and ways to protect systems from unauthorised access and potential data breaches.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.