OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Learn how Mike Oram, VP of engineering at OnSecurity, taught himself coding, and how to
Explore API pen testing, its benefits, common vulnerabilities, and best practices to strengthen your business’s
Explore OnSecurity’s services and products for enhancing your organisation’s security posture. Understand the importance of
Unravel the essentials of ISO 27001 certification in this blog. Explore critical insights and guidelines
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases,
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security,
Understanding the importance of cybersecurity for SaaS companies. Explore the awareness of threats and proactive
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials
Delve into an overview of 2021’s significant data breaches. Explore the most notable incidents and
Phishing emails are very common. They are spam emails that land in your inbox or
What is Email Phishing a Definition ‘Phishing’ is a cyberattack in which email is the
Protect your startup from threat with 7 key security tips. Expert insights to fortify your
Join our unique and growing pen-testing company and showcase your talent. We’re seeking skilled pen-testers
Explore these practical cybersecurity steps with OnSecurity’s guide. Make digital safety simple with seven effective
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions about cloud-based security solutions.
Explore the methods targeting LinkedIn users through phishing scams and gain insights into the everyday tactics used by cybercriminals to exploit you further.
A computer hacker in the US was able to gain access to the water system of Oldsmar in Florida and successfully increased the amount of sodium hydroxide.
Dive into the alarming rise of Ryuk ransomware since 2018, which has accumulated over $150 million, showcasing its global financial impact and danger.
A compilation of tricks and checks for when a file upload is encountered in an offensive security test.
Unravel the simplicity of gRPC with Project Crobat. Learn to streamline development with gRPC and empower your projects. Dive into our blog for insights!
Delve into the fascinating narrative of how a love letter altered the landscape of computer security perpetually. Uncover this tale of technological evolution.
One of the biggest growing problems in computer security is the growing proliferation of cyberattacks which are far more open and threatening in nature.
Uncover the latest threat looming over government servers. The newfound vulnerability impacts Microsoft systems, leaving government infrastructures at risk.
Uncovering what went wrong with TravelEx. Investigating ransomware designed to take over the network and block access to file networks.
In this blog we uncover a huge data spill for Wishbone, revealing massive amounts of user data available for malicious actors to share and exploit.
The continued impact of the pandemic has made working from home the new normal, rapidly accelerating digital transformation in companies
We love using Clubhouse to helps us develop our security projects
Launched in 2015, Wishbone is a social networking app that encourages users to have their say in comparisons of everything
What happened in 2014 when Sony became the victim of an attack? Explore how Wiper malware was deployed and crippled the large corporation’s network.
Discover the key differences between web application pentesting vs network pentesting, when you need each type, and why both are essential for comprehensive security.
A practical guide to implementing Secure by Design in UK government product delivery. Covers risk-driven design, lifecycle security activities, compliance with the PSTI Act, and how regular penetration testing keeps your security posture continuously validated.
OnSecurity’s Pentest Files uncovers the latest vulnerabilities and real-life remediation steps to prevent businesses from malicious attack. In this article we find out how our Head of Pentesting is able to hijack admin invitations to bypass the login wall in our clients infrastructure.
Learn GDPR essentials: data protection principles, subject rights, breach management, and compliance tools to safeguard personal data effectively.
Learn how to secure SaaS applications with expert strategies for data protection, access control, compliance, and threat detection.
Learn what ISO 42001 is, why it matters, and how businesses can implement AI governance, manage risk, and align with EU AI Act compliance requirements.
Learn how often to conduct cloud penetration testing based on your compliance needs, risk profile and cloud maturity level, from security experts.
Protect patient data in healthcare with essential security measures, pentesting insights, and UK data protection guidance.
Discover proactive security testing: prevent breaches before they happen, enhance compliance, and secure AI/LLM systems with continuous validation
Move beyond one-off pentests. Learn how to build a continuous assurance programme with regular testing, monitoring, and clear metrics that security leaders can track.
Discover how 2-step authentication secures business data from breaches. Compare MFA methods to strengthen your security.
Learn how supply chain attacks exploit third-party vulnerabilities and discover essential security measures to safeguard your business from costly breaches.
Discover what hackers can learn about your business online and how external attack surface discovery helps you reduce risk and strengthen security.
Discover the types of penetration testing, including network, web, mobile, cloud, API, and social engineering tests. Learn how to choose the right pentest.
Build a strong human firewall with effective security awareness training. Learn how to prevent social engineering and strengthen employee defences.
A Penetration Testing Pro shows how social engineering works in the real world. Hackers techniques, real-life examples and practical tips on staying safe.
Find out why you need to protect your business against zero-click malware. Discover the best ways to defend your business against attacks.
Learn what MFA fatigue is, why it poses a security risk, and discover practical steps businesses can take to prevent and mitigate it effectively.
Learn how to build effective cybersecurity policies for your small business. Practical steps to protect data, ensure compliance & reduce risks.
Discover how enterprise businesses can tackle remote working cybersecurity risks with pentesting, clear policies, and training.
Discover 5 effective ways to protect your business from deepfake scams, including employee training, testing processes, and AI-generated content detection.
Learn about brute force attacks in cyber security, how they work, types, signs to watch for, and ways to protect systems from unauthorised access and potential data breaches.
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats. Core principles and actionable guidance.
Phishing emails are very common. They are spam emails that land in your inbox or junk folder that imitate a real-life, well-known company (or even someone you may know) and ask you to provide them with sensitive information. Be it usernames, passwords or card details, these cybercriminals will aim to get what they need to ‘hack’ you further and can cause many issues including financial loss.
What is Email Phishing a Definition ‘Phishing’ is a cyberattack in which email is the weapon. Victims are tricked into
Protect your startup from threat with 7 key security tips. Expert insights to fortify your business against cyber threats and protect your startup’s IT
Explore these practical cybersecurity steps with OnSecurity’s guide. Make digital safety simple with seven effective measures to protect against hackers
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.