OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are
The term “penetration testing” or “pentesting” might be familiar, but the different types available—and how
Enforceable by January 2025, the EU’s Digital Operational Resilience Act (DORA) introduces a landmark EU
Firewall penetration testing is a method of locating, scoping, and penetrating a specific firewall to
External and internal penetration testing both exist as part of a broader cybersecurity strategy, supporting
Penetration testing is a crucial investment in your organisation’s cybersecurity, but understanding the associated costs
ISO 27001 and SOC 2, Type 2 are two of the most prominent regulatory frameworks
In the blink of an eye, artificial intelligence and emerging technology are shattering the old
Maximise your pentest impact with OnSecurity’s guide on leveraging reports to enhance your security posture
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems,
Discover what the Digital Operational Resilience Act (DORA) means for cybersecurity in the financial sector.
Discover how to mitigate financial risks from subdomain takeovers. Learn strategies to safeguard against reputational
Exploring Cloud Security: Risks, Regulations & Remedies. Learn from incidents & strategies for robust cloud
Explore SSDLC stages: From planning to deployment. Learn how to secure web apps effectively with
What is Penetration Testing? Penetration Testing, otherwise known as “pentesting” or ethical hacking, is the
A practical guide to implementing Secure by Design in UK government product delivery. Covers risk-driven design, lifecycle security activities, compliance with the PSTI Act, and how regular penetration testing keeps your security posture continuously validated.
Learn GDPR essentials: data protection principles, subject rights, breach management, and compliance tools to safeguard personal data effectively.
Learn how to secure SaaS applications with expert strategies for data protection, access control, compliance, and threat detection.
Learn what ISO 42001 is, why it matters, and how businesses can implement AI governance, manage risk, and align with EU AI Act compliance requirements.
Protect patient data in healthcare with essential security measures, pentesting insights, and UK data protection guidance.
Technical debt increases breach risk, slows response, and drives up costs. Learn why security debt matters and how to manage it.
Discover how 2-step authentication secures business data from breaches. Compare MFA methods to strengthen your security.
Discover what an ISMS is and how it enhances your organisation’s information security. Read our clear guide to implement effective management systems.
Tom Keyte reflects on five years at OnSecurity- from infrastructure wins to security lessons, and how his role evolved beyond just writing code.
The EU AI Act sets strict rules for AI providers and users. Learn who it applies to, key risk categories, compliance steps, and what businesses must do to prepare.
OnSecurity secures award highlighting the breakthrough year of growth, innovation and AI-augmented cybersecurity
Discover the top emerging AI security risks in 2026, including AI-driven phishing, autonomous agents, model attacks, shadow AI, and governance gaps.
Build a proactive cybersecurity culture. Learn how CISOs can drive lasting behavioural change, boost awareness, and reduce cyber risks
Turn penetration test results into action. Follow this step-by-step remediation checklist to fix vulnerabilities and boost security.
Learn 9 key cybersecurity metrics boards care about to prove ROI, reduce risk, and align security with business goals.
Penetration tester Leonard Matara shares key insights on pentest pitfalls, security strategy, and the need for continuous testing.
Learn what quishing is, how it works, and why it’s a major threat to businesses. Protect your data with OnSecurity’s penetration testing services.
Discover how AI-powered penetration testing enhances traditional methods, boosts efficiency, and strengthens your security posture, combining human expertise with automation for smarter protection.
Learn how to save time and money on penetration testing with expert tips to balance cost, quality, and security.
Enhance your security posture with essential practices for effective pentest orchestration. Discover strategies that streamline processes and support your organisation.
Ransomware can cripple businesses by locking critical data and demanding payment. Learn what ransomware is, how it works, and how penetration testing can help prevent attacks.
What are the differences between ISO 27001 and SOC 2, Type 2? How can I choose the right cybersecurity framework for my organisation?
Learn the key differences between penetration testing vs. vulnerability scanning. Understand when to use each method for optimal cybersecurity protection.
Discover the differences between ethical hacking and penetration testing, how they protect your business from cyber threats, and when to choose each for security assessments.
Explore API pen testing, its benefits, common vulnerabilities, and best practices to strengthen your business’s security posture.
Explore OnSecurity’s services and products for enhancing your organisation’s security posture. Understand the importance of SOC 2 compliance requirements.
Unravel the essentials of ISO 27001 certification in this blog. Explore critical insights and guidelines for a robust security management system.
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritising threats
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials and access AWS S3 buckets, showcasing cybersecurity risks.
Join our unique and growing pen-testing company and showcase your talent. We’re seeking skilled pen-testers who stand out from the crowd, apply here now!
Learn the definition of spear phishing and the potential threats it poses to businesses in this article, supported by real-life anecdotes of successful spear phishing attacks on organisations.
Find out why you need to protect your business against zero-click malware. Discover the best ways to defend your business against attacks.
Learn what MFA fatigue is, why it poses a security risk, and discover practical steps businesses can take to prevent and mitigate it effectively.
Learn how to build effective cybersecurity policies for your small business. Practical steps to protect data, ensure compliance & reduce risks.
Discover how enterprise businesses can tackle remote working cybersecurity risks with pentesting, clear policies, and training.
Discover 5 effective ways to protect your business from deepfake scams, including employee training, testing processes, and AI-generated content detection.
Learn about brute force attacks in cyber security, how they work, types, signs to watch for, and ways to protect systems from unauthorised access and potential data breaches.
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats. Core principles and actionable guidance.
Phishing emails are very common. They are spam emails that land in your inbox or junk folder that imitate a real-life, well-known company (or even someone you may know) and ask you to provide them with sensitive information. Be it usernames, passwords or card details, these cybercriminals will aim to get what they need to ‘hack’ you further and can cause many issues including financial loss.
What is Email Phishing a Definition ‘Phishing’ is a cyberattack in which email is the weapon. Victims are tricked into
Protect your startup from threat with 7 key security tips. Expert insights to fortify your business against cyber threats and protect your startup’s IT
Explore these practical cybersecurity steps with OnSecurity’s guide. Make digital safety simple with seven effective measures to protect against hackers
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.