Nettitude Blog

Should you choose a local or global TIBER test provider?

Posted by Anthony Long on Oct 1, 2021 4:47:41 PM

Finding the right TIBER test provider for your organisation is crucial. You’ll want a secure test, but there’s huge value in knowing how to act on the results to protect your operations. An obvious question exists: should you opt for a local provider in your country or choose a larger, global tester?

We consider both options to help you make an informed choice.

Should you choose a local or global TIBER test provider

Read More

Topics: Financial Services, TIBER

What is a Bug Bounty?

Posted by Chris Oakley on Sep 14, 2021 5:39:08 PM

Cybersecurity testing is more crucial than ever. Whilst you’re probably familiar with our penetration testing services, you might not know about our bug bounty platform. And yet, it’s incredibly valuable to maximise your security.

Read More

Topics: Penetration Testing, Bug Bounty

Process Hiving - Red Teaming Whitepaper

Posted by Rob Bone and Ben Turner on Sep 2, 2021 3:00:00 PM

Our red team has created a new technique, and accompanying tool, that allows a red team operator to avoid many of the usual indicators that can trigger detection alerts when using existing tools. Avoiding detection is a high priority for a red team operator because this usually signals the imminent end of the compromise, as the network defenders start to contain and eradicate the threat.

Read More

Topics: Red Teaming, Process Hiving

Why you never pass or fail a TIBER test

Posted by Nettitude on Aug 26, 2021 10:00:00 AM

It’s impossible to totally eliminate the risk of a cyberattack. No reputable cybersecurity company could give that assurance. For the same reason, you cannot simply pass or fail a TIBER test.

In fact, it would pose a higher risk to state you’d passed as you might take no further action.

Complacency in cybersecurity is risky.

Protecting your organisation from cyberattacks should be continual. And it must be specific to your risk profile and particular operations. As attacks become more sophisticated, so must your testing to keep one step ahead.


Read More

Topics: Financial Services, TIBER

Ask an Expert: What is Ransomware? | Nettitude

Posted by Nettitude on Jun 17, 2021 1:26:40 PM


Nettitude has launch a brand new video series, Ask an Expert, to answer your most asked questions related to cybersecurity services, common terms, and trending topics. 

Whether your new to cybersecurity or a seasoned professional, this series will keep you in the know about all things cyber. 

In this episode

Hear from Nettitude Senior Incident Response Consultant Jenny Wu on the following topics:

  • What is Ransomware?
  • What are the risks associated with Ransomware?
  • How does Ransomware get on your computer?
  • How do you remove Ransomware?
  • How do you prevent Ransomware?

Click here to learn more about Ransomware

Read More

Topics: Cyber Security, Nettitude, Security Blog, ransomware

How to Configure a Firewall Policy | Nettitude

Posted by Nettitude on May 6, 2021 12:10:45 PM

By Mike Buckley | Pre-Sales Consultant at Nettitude 

Firewalls have been around for many years in various shapes and sizes, from simple Access Control Lists, to full “Next-Gen” threat prevention and sandboxing. They have evolved to (mostly) embrace Cloud strategies and remain an important security tool, protecting important assets and securing workspaces. However, they are usually perceived as a necessary evil.

It can be common to encounter applications not working as they should be after a firewall has been implemented. By their very nature, Firewalls should be preventing a lot more traffic than they permit, and it can be a challenge to configure them correctly to allow this access whilst at the same time not reverting to an overly permissive policy. As a result, organisations can rush through the process, sending applications live with rules in place that are designed as a quick fix, rather than a long-standing solution.

In order to correctly onboard clients to NOC services, Nettitude’s Network Operations experts must examine the integrity of a firewall and its setup to ensure the basics are in place. In this blog post, we’ll take a look at the basics of configuring a firewall policy.

Read More

Topics: Cyber Security, Nettitude, Security Blog

How ICS Testing Protects Against Cybersecurity Threats | Nettitude

Posted by Nettitude on Apr 22, 2021 11:22:17 AM

By Fan Zhang | Cybersecurity Business Manager, APAC

When we talk about “ICS (Industrial Control Systems) Cyber Attacks” to organisations, we often mention that the systems are absolutely disconnected (air-gapped) from the IT network and from the Internet, so they can never be compromised. But is this always true?

From the growing number of ICS attack cases, we know that it is not the case and in this blog post, Nettitude aims to define what an ICS cyber-attack is and how organisations can protect themselves against them.

Read More

Topics: Cyber Security, Nettitude, Security Blog, ics cyber security, ics cyber security threats, ics threat landscape, ics network security, ics testing

How JWT Hijacking Can Be Prevented | Nettitude

Posted by Nettitude on Apr 16, 2021 4:03:19 PM

By Vanessa Santos | Security Consultant at Nettitude

Json Web Tokens (JWTs) are commonly used in many applications to validate the client’s identity. The JWT token is provided during authentication in case of success and this is then used in all authenticated interactions to the application.

The validation of user’s identity is based on the user’s information stored in the JWT token which is signed by the server using JSON Web Signatures. The information exchanged within the JWT can also be encrypted using JSON Web Encryption however this is not widely used.

Although the JWT token can be used in web applications there is a number of caveats that come with the choice of implementing JWT authentication tokens that can result in them being hijacked.

In this article we will be discussing these security implementation issues and will uncover ways of preventing an attacker from hijacking JWT tokens.

Read More

Topics: Cyber Security, Nettitude, Security Blog, JSON Web Token

Why File Integrity Monitoring is Critical | Nettitude

Posted by Nettitude on Apr 9, 2021 5:28:13 PM

By Mike Buckley | Presales Consultant at Nettitude

49% of US organisations have suffered a data breach in the past year. With almost half of the nation’s businesses losing critical data, something is surely wrong.

Data is considered as one of the most important assets a business can have; it’s essentially the life blood of any organisation. Yet two of the biggest concern’s businesses have is the privacy and security of their data - and rightly so as once it’s compromised, it can cripple an organisation rapidly. Research from the University of Maryland indicates that hackers are active across the globe every 39 seconds. This means that a single computer unit could be under attack multiple times, every minute of the day. But how would you know If there’s a security breach?

File Integrity Monitoring (FIM) software is one of the solutions to this challenge, yet many businesses are unaware that this tool is available to them. However, in the words of Nicolaus Copernicus – To know that we know what we know, and to know that we do not know what we do not know, that is true knowledge.

Been as you’ve landed on this blog post; you’ve taken first step is identifying that your organisation could benefit from FIM. The second step is to find out what FIM is and how it works exactly.

This is where we can help!

Read More

Topics: Cyber Security, Nettitude, Security Blog, fim, file integrity monitoring, fim system, fim software

Cybersecurity In a World Under Pressure – InfoSec 2021 Webinar | Nettitude

Posted by Nettitude on Mar 24, 2021 1:17:54 PM

By Nettitude

The COVID-19 Pandemic has has showed us that the need for a comprehensive cybersecurity plan is more important than ever.  Having a plan in place is important, but making sure that your cybersecurity measures are effective against an ever changing threat landscape is just as necessary.

Our Head of Threat Intelligence and Advisory Consulting, Anthony Long, recently presented at the InfoSec Webinar on "Cyber Security In A World Under Pressure." In the webinar, we took a look at the impacts of the pandemic and why threat intelligence-led testing is necessary. 

Read More

Topics: Cyber Security, Nettitude, Security Blog, Financial Services, Financial Security

About Nettitude

Nettitude is the trusted cybersecurity provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

In 2018, Nettitude became part of The Lloyd's Register Group, an 8,000 person strong professional services organisation, with 300 years of heritage in safety and risk management. Nettitude now provides true global coverage, through a network of over 180 offices strategically placed around the globe.

Subscribe Here!

Recent Posts