OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Discover what hackers can learn about your business online and how external attack surface discovery
Discover the types of penetration testing, including network, web, mobile, cloud, API, and social engineering
Build a strong human firewall with effective security awareness training. Learn how to prevent social
Explore the pros and cons of public and private cloud computing to determine the best
Discover what an internal infrastructure test reveals about your systems. Gain insights to enhance security
If you’re running self-hosted GitHub Actions runners on AWS EC2, there’s a critical timing vulnerability
Discover what an ISMS is and how it enhances your organisation’s information security. Read our
Tom Keyte reflects on five years at OnSecurity- from infrastructure wins to security lessons, and
Discover the key differences between vulnerability assessment and penetration testing, and learn which approach is
Discover essential tools to efficiently assess your website’s vulnerabilities and enhance your website security, with
Discover what ISO 27001 entails and how it can enhance your information security. Read our
The EU AI Act sets strict rules for AI providers and users. Learn who it
OnSecurity secures award highlighting the breakthrough year of growth, innovation and AI-augmented cybersecurity
Discover the top emerging AI security risks in 2026, including AI-driven phishing, autonomous agents, model
Build a proactive cybersecurity culture. Learn how CISOs can drive lasting behavioural change, boost awareness,
Discover crucial insights on the actively exploited Microsoft zero-day vulnerability. Protect your systems with expert advice and stay ahead of cyber threats.
Explore how remote working can define an organisation’s agility and crisis response, all while also considering the potential risks associated with the cloud security landscape.
“Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6, The Financial Times reports.
Google’s very impressive record: Zero successful phishing attacks on a massive workforce of 140,000+ employees. Discover their security success story.
Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6, The
Catch Of The Week Did you know that Google has never been the victim of a successful phishing attack? Not bad for
Sony is a gigantic multipartite corporation that has been prone to multiple different types of hacks, find out why and how they improve their security posture
Explore the risks businesses face with internet-stored data and the prevalent distrust in online security, highlighting the need for robust protection.
A compilation of tricks and checks for when a file upload is encountered in an offensive security test.
Unravel the simplicity of gRPC with Project Crobat. Learn to streamline development with gRPC and empower your projects. Dive into our blog for insights!
Delve into the fascinating narrative of how a love letter altered the landscape of computer security perpetually. Uncover this tale of technological evolution.
One of the biggest growing problems in computer security is the growing proliferation of cyberattacks which are far more open and threatening in nature.
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions about cloud-based security solutions.
Explore the methods targeting LinkedIn users through phishing scams and gain insights into the everyday tactics used by cybercriminals to exploit you further.
A computer hacker in the US was able to gain access to the water system of Oldsmar in Florida and successfully increased the amount of sodium hydroxide.
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials and access AWS S3 buckets, showcasing cybersecurity risks.
Join our unique and growing pen-testing company and showcase your talent. We’re seeking skilled pen-testers who stand out from the crowd, apply here now!
You can now explore the purpose and process of penetration tests (pen-tests), authorised simulated cyber-attacks that assess the security of computer systems.
What is a penetration test and why should I get one? A penetration test (aka pen-test), is an authorised simulated
Discover effective strategies to streamline and simplify penetration testing. Learn how to alleviate the complexities for a more efficient testing process.
Smishing, a form of cyber-attack that uses SMS messages to deceive victims, is on the rise. By exploiting human trust,
Discover how to mitigate financial risks from subdomain takeovers. Learn strategies to safeguard against reputational damage and data breaches.
Explore SSDLC stages: From planning to deployment. Learn how to secure web apps effectively with OnSecurity’s solutions.
Exploring Cloud Security: Risks, Regulations & Remedies. Learn from incidents & strategies for robust cloud protection in an evolving digital landscape.
How would we define Cybercrime? What do you imagine when you think of a cybercriminal? Do you envision an erratic,
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats. Core principles and actionable guidance.
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritizing threats.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases, and protective measures for your brand.
Penetration testing is a mostly manual process carried out by experienced consultants, using some of the same methods and tools a real hacker would. You decide on the scope of your test with your consultant, set your target, and your tester will get to work attempting to breach it. This blog will explore the importance of pentesting for businesses, and how to begin.
The best practices with OnSecurity’s cyber security checklist 2023. Identify crucial steps to protect data and systems from unauthorised access and threats.
Delve into an effective external vulnerability scanning strategy and adopt best practices. This guide offers a very comprehensive understanding of the role they play.
New report reveals increasing cyber threats to drilling rigs, potentially leading to severe safety incidents. Understand the emerging vulnerabilities.
Here we delve into the evolution of ransomware with OnSecurity’s article on Triple Extortion ransomware tactics that threaten not just data, but a companies reputation
Learn how external vulnerability scanning can support your organisation in achieving operational resilience in this blog.
New research shows the prevalence of email phishing as the top cyber threat, tricking firms into revealing information through reputable sender disguises.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.