A 16-year-old hypervisor escape vulnerability in Linux KVM shows guest isolation is an assumption, not a fact. Here’s why that should change how you scope security testing.
penetration testing
-
-
Penetration testing as a service and a traditional scoped engagement solve different problems. A side-by-side comparison and a simple way to decide which your business needs.
-
What happens during a thick client penetration test, what testers find most often, and how to choose a provider.
-
A US county paid roughly $1 million to a group that never encrypted a single file, exposing how far data-theft extortion has moved beyond classic ransomware.
-
Black box vs white box testing comes down to how much access you give your penetration testers. Here’s how each approach, plus grey box testing, affects realism, depth, cost and …
-
Not sure whether to commission a penetration test or start a bug bounty programme? A practical checklist covering compliance, cost and timing for UK businesses.
-
The warning signs that separate a genuine penetration test from a scan with a report template, and how to choose a penetration testing company that won’t disappoint.
-
Commissioning PCI DSS penetration testing? What Requirement 11.4 actually obliges you to buy, and the questions to ask before you sign a quote.
-
StegoAd infected 2.6 million users through official browser stores using steganography to hide payloads in images. Here is what UK businesses should audit and lock down.
-
Many organisations receive pen test reports they cannot act on. This guide explains what a thorough penetration test report looks like and the red flags that indicate a poor one.