Server-Side Request Forgery

Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021. In this tenth and final instalment, we will describe one of the key threats that organisations face in the digital world in a high-level overview of Server-Side Request Forgery (SSRF). Understanding Server-Side Request Forgery (SSRF) Server-Side Request Forgery is a […]

Read More

Security Logging and Monitoring Failures

Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021. In the ninth instalment, we continue to deliver a high-level overview of the key threats that organisations face in the digital world. Today’s focus is on Security Logging and Monitoring Failures.​ Understanding Security Logging and Monitoring Failures? Previously ranked tenth […]

Read More

Software and Data Integrity Failures

Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021. In the eighth instalment, we continue to deliver a high-level overview key threats that organisations face in the digital world. Today’s focus is on Software and Data Integrity Failures. Understanding Software and Data Integrity Failures Previously unranked in the OWASP […]

Read More

Identification and Authentication Failures

Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021, where we are taking a light look at the common threats in the digital space that organisations face. In today’s seventh instalment, the focus is on Identification and Authentication Failures. Understanding Identification and Authentication Failures This issue previously occupied second […]

Read More

Vulnerable and Outdated Components

Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021, where we are taking a light look at the common threats in the digital space that organisations face. In the sixth instalment of the series, today’s focus is on Vulnerable and Outdated Components. What are Vulnerable and Outdated Components? If […]

Read More

Security Misconfigurations – What are they?

Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021, where we are taking a light look at the common threats in the digital space that organisations face. In the fifth instalment of the series, today’s focus is on the often-underestimated area of Security Misconfigurations. What are Security Misconfigurations? Security […]

Read More

Insecure Design – What is it?

In the fourth entry of our ten-part blog series on the OWASP Top Ten list, we are taking a brief look at Insecure Design. Insecure Design as a category of vulnerabilities is a new edition to the OWASP Top Ten list when compared to historical versions. The category itself is considered quite broad in terms […]

Read More

What is network testing?

Many businesses will test their network to make sure it’s functioning properly and providing the right level of service for users. It therefore serves to guarantee working efficiency for internal processes and, where products and services are sold online, ensure a smooth customer experience. However, network testing is also important for business cyber security.   In […]

Read More

How to conduct a self-assessment for cyber essentials

Cyber essentials is a government-backed scheme designed to support the development of all UK businesses. Nevertheless, there are various requirements for organisations to meet the level of cyber security outlined by cyber essentials. Business leaders must then prove that they have taken steps to improve their cyber security infrastructure by submitting an official self-assessment.   In […]

Read More