Nettitude Blog

Bug Bounty vs Pen Testing - What's the Difference? | Nettitude

Posted by Chris Oakley on Nov 30, 2021 6:01:03 PM

When specifying cybersecurity testing for your organisation you’ll come across various approaches. Penetration testing and bug bounty programmes are two likely options.

But is this an either-or situation? We highlight the main differences between bug bounty and penetration testing and explain why they actually complement each other, keeping your organisation as safe as possible, 365 days a year.

Read More

Topics: Penetration Testing, Bug Bounty

What Is Ransomware & How Does It Work? | Nettitude

Posted by Jenny Wu on Nov 19, 2021 5:19:36 PM
What is ransomware?

Ransomware is a type of malware that locks and encrypts your computer or device before demanding a ransom to restore access.

Your files and data are effectively held hostage. They’re inaccessible until you pay the attacker to unlock them, or you remove the ransomware from your system.

Of course, the best scenario is to prevent an attack in the first place. It saves immense stress to your people and lost productivity due to inevitable downtime. Not to mention the financial blow, should you choose to pay.

There have been several notable attacks during 2021. Darkside targeted larger organisations such as Colonial Pipeline in the USA. Meanwhile, Revil and Sodinokibi were blamed for a cyberattack on JBS, the world’s largest meat packer.

But it’s not just a problem for large corporates. Any sized business in any country can suffer a ransomware attack.



Read More

Topics: ransomware, incident response, malware

Understanding and Mitigating Maritime Cyber Risks

Posted by Joel Snape on Oct 29, 2021 6:06:35 PM

There is a common misconception that cybersecurity fundamentally relates to the implementation and management of technical and non-technical control measures - installing firewalls, doing pen tests and implementing security awareness programmes. Whilst all of these are valid activities, much like any business activity cybersecurity is really about understanding the risks your business faces and putting mitigations in place to reduce that level of risk to an acceptable level.


Read More

Topics: Marine and Offshore

PCI DSS version 4.0 changes - how might the standard evolve? 6 things you need to know

Posted by Nettitude on Oct 29, 2021 2:55:06 PM

There are exciting times ahead for the PCI DSS as it aims to shift its position and up its game. Historically the PCI DSS has been criticised for being behind the technology curve, but as its latest iteration (version 4.0) is prepared for release by the Payment Card Industry Security Standards Council, we anticipate changes that will keep the standard in the here and now.

6 PCI DSS v4.0 changes we are anticipating:

Read More

Topics: PCI Compliance, PCI v4.0

5 Benefits of Bug Bounty Programs | Nettitude

Posted by Chris Oakley on Oct 22, 2021 3:06:45 PM

Cybersecurity testing takes many forms - each one with different benefits. Bug bounty programs will be new to many organisations. Yet, combined with fixed timeframe testing, they provide greater security assurance on a continual basis – not just at a single point in time.

This article unpacks five key benefits of a Bug Bounty program and the difference it can make to your cybersecurity, week in, week out.

Read More

Topics: Bug Bounty

Should you choose a local or global TIBER test provider?

Posted by Anthony Long on Oct 1, 2021 4:47:41 PM

Finding the right TIBER test provider for your organisation is crucial. You’ll want a secure test, but there’s huge value in knowing how to act on the results to protect your operations. An obvious question exists: should you opt for a local provider in your country or choose a larger, global tester?

We consider both options to help you make an informed choice.

Should you choose a local or global TIBER test provider

Read More

Topics: Financial Services, TIBER

What is a Bug Bounty?

Posted by Chris Oakley on Sep 14, 2021 5:39:08 PM

Cybersecurity testing is more crucial than ever. Whilst you’re probably familiar with our penetration testing services, you might not know about our bug bounty platform. And yet, it’s incredibly valuable to maximise your security.

Read More

Topics: Penetration Testing, Bug Bounty

Process Hiving - Red Teaming Whitepaper

Posted by Rob Bone and Ben Turner on Sep 2, 2021 3:00:00 PM

Our red team has created a new technique, and accompanying tool, that allows a red team operator to avoid many of the usual indicators that can trigger detection alerts when using existing tools. Avoiding detection is a high priority for a red team operator because this usually signals the imminent end of the compromise, as the network defenders start to contain and eradicate the threat.

Read More

Topics: Red Teaming, Process Hiving

Why you never pass or fail a TIBER test

Posted by Nettitude on Aug 26, 2021 10:00:00 AM

It’s impossible to totally eliminate the risk of a cyberattack. No reputable cybersecurity company could give that assurance. For the same reason, you cannot simply pass or fail a TIBER test.


In fact, it would pose a higher risk to state you’d passed as you might take no further action.


Complacency in cybersecurity is risky.

Protecting your organisation from cyberattacks should be continual. And it must be specific to your risk profile and particular operations. As attacks become more sophisticated, so must your testing to keep one step ahead.

 

Read More

Topics: Financial Services, TIBER

Ask an Expert: What is Ransomware? | Nettitude

Posted by Nettitude on Jun 17, 2021 1:26:40 PM

 



Nettitude has launch a brand new video series, Ask an Expert, to answer your most asked questions related to cybersecurity services, common terms, and trending topics. 

Whether your new to cybersecurity or a seasoned professional, this series will keep you in the know about all things cyber. 

In this episode

Hear from Nettitude Senior Incident Response Consultant Jenny Wu on the following topics:

  • What is Ransomware?
  • What are the risks associated with Ransomware?
  • How does Ransomware get on your computer?
  • How do you remove Ransomware?
  • How do you prevent Ransomware?

Click here to learn more about Ransomware

Read More

Topics: Cyber Security, Nettitude, Security Blog, ransomware