OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases,
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security,
Understanding the importance of cybersecurity for SaaS companies. Explore the awareness of threats and proactive
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials
Delve into an overview of 2021’s significant data breaches. Explore the most notable incidents and
Phishing emails are very common. They are spam emails that land in your inbox or
What is Email Phishing a Definition ‘Phishing’ is a cyberattack in which email is the
Protect your startup from threat with 7 key security tips. Expert insights to fortify your
Join our unique and growing pen-testing company and showcase your talent. We’re seeking skilled pen-testers
Explore these practical cybersecurity steps with OnSecurity’s guide. Make digital safety simple with seven effective
What is a penetration test and why should I get one? A penetration test (aka
Experience real-time communication with your penetration test testers during the testing process for enhanced collaboration
Discover OnSecurity’s innovative approach to penetration testing. Our client-collaborative efforts have streamlined booking to just
Discover effective strategies to streamline and simplify penetration testing. Learn how to alleviate the complexities
Look into IT Security through the eyes of a pen-tester. We’ll uncover the inner workings
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass methods and various exploitation techniques in this insightful post.
Understand the Power of Secure Code: Enhance Business Security with Proactive Code Audits. Discover vulnerabilities, ensure compliance, and build trust.
Roles in software engineering are becoming more popular with advances in technology and require a key set of skills. Here we run through how to become a software engineer
Learn about spoofing in cyber security, how it works, common types, and how businesses can detect and protect against this growing cyber threat.
Learn how OnSecurity evolved from the vision of a few founders to an industry-leading pentest provider, as shared by one of its founding members.
Learn how iOS penetration testing uncovers vulnerabilities in your mobile apps, ensuring robust security and protecting user data on Apple devices.
What are the differences between ISO 27001 and SOC 2, Type 2? How can I choose the right cybersecurity framework for my organisation?
Ensure your Open Banking APIs meet regulatory standards with robust security testing. Learn key methods, risks, and compliance best practices.
Discover the risks of using unsecured WiFi and learn effective strategies to protect your data. Read more to safeguard your online security today.
Discover the top 10 fintech app security vulnerabilities found in 2025, plus practical fixes to help your team improve security and reduce cyber risk.
Learn the essentials of hashing in cyber security, its importance, and practical applications. Discover how it protects data integrity—read more now!
Ensure secure fintech mergers with penetration testing best practices. Learn how to reduce risk, protect data, and support due diligence during M&A deals.
Discover the true cost of a retail data breach and why regular penetration testing is a smart, ROI-positive investment, not just a compliance requirement.
Understand the most common high-impact penetration testing findings that OnSecurity’s testers discover and the steps to take to remediate them.
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems, data, and customer trust.
Learn how to secure SaaS applications with expert strategies for data protection, access control, compliance, and threat detection.
Learn what ISO 42001 is, why it matters, and how businesses can implement AI governance, manage risk, and align with EU AI Act compliance requirements.
Learn how often to conduct cloud penetration testing based on your compliance needs, risk profile and cloud maturity level, from security experts.
Protect patient data in healthcare with essential security measures, pentesting insights, and UK data protection guidance.
Discover proactive security testing: prevent breaches before they happen, enhance compliance, and secure AI/LLM systems with continuous validation
Move beyond one-off pentests. Learn how to build a continuous assurance programme with regular testing, monitoring, and clear metrics that security leaders can track.
Discover how 2-step authentication secures business data from breaches. Compare MFA methods to strengthen your security.
Learn how supply chain attacks exploit third-party vulnerabilities and discover essential security measures to safeguard your business from costly breaches.
Discover what hackers can learn about your business online and how external attack surface discovery helps you reduce risk and strengthen security.
Discover the types of penetration testing, including network, web, mobile, cloud, API, and social engineering tests. Learn how to choose the right pentest.
Build a strong human firewall with effective security awareness training. Learn how to prevent social engineering and strengthen employee defences.
Explore the pros and cons of public and private cloud computing to determine the best fit for your needs. Learn how to secure any cloud environment with best practices.
Discover what an internal infrastructure test reveals about your systems. Gain insights to enhance security and performance. Read the article for more.
Discover what an ISMS is and how it enhances your organisation’s information security. Read our clear guide to implement effective management systems.
Discover the key differences between vulnerability assessment and penetration testing, and learn which approach is right for your security needs.
Build a secure software development cycle: integrate pentesting & shift security left. Guide for security leaders & developers.
Smishing, a form of cyber-attack that uses SMS messages to deceive victims, is on the rise. By exploiting human trust,
Explore SSDLC stages: From planning to deployment. Learn how to secure web apps effectively with OnSecurity’s solutions.
Exploring Cloud Security: Risks, Regulations & Remedies. Learn from incidents & strategies for robust cloud protection in an evolving digital landscape.
Discover how to mitigate financial risks from subdomain takeovers. Learn strategies to safeguard against reputational damage and data breaches.
How would we define Cybercrime? What do you imagine when you think of a cybercriminal? Do you envision an erratic,
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritizing threats.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases, and protective measures for your brand.
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats. Core principles and actionable guidance.
The best practices with OnSecurity’s cyber security checklist 2023. Identify crucial steps to protect data and systems from unauthorised access and threats.
New report reveals increasing cyber threats to drilling rigs, potentially leading to severe safety incidents. Understand the emerging vulnerabilities.
Here we delve into the evolution of ransomware with OnSecurity’s article on Triple Extortion ransomware tactics that threaten not just data, but a companies reputation
Learn how external vulnerability scanning can support your organisation in achieving operational resilience in this blog.
Delve into an effective external vulnerability scanning strategy and adopt best practices. This guide offers a very comprehensive understanding of the role they play.
New research shows the prevalence of email phishing as the top cyber threat, tricking firms into revealing information through reputable sender disguises.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.