LRQA Nettitude Blog

When specifying cybersecurity testing for your organisation you’ll come across various approaches. Penetration testing and bug bounty programmes are two likely options.

But is this an either-or situation? We highlight the main differences between bug bounty and penetration testing and explain why they actually complement each other, keeping your organisation as safe as possible, 365 days a year.

What is ransomware?

Ransomware is a type of malware that locks and encrypts your computer or device before demanding a ransom to restore access.

Your files and data are effectively held hostage. They’re inaccessible until you pay the attacker to unlock them, or you remove the ransomware from your system.

Of course, the best scenario is to prevent an attack in the first place. It saves immense stress to your people and lost productivity due to inevitable downtime. Not to mention the financial blow, should you choose to pay.

There have been several notable attacks during 2021. Darkside targeted larger organisations such as Colonial Pipeline in the USA. Meanwhile, Revil and Sodinokibi were blamed for a cyberattack on JBS, the world’s largest meat packer.

But it’s not just a problem for large corporates. Any sized business in any country can suffer a ransomware attack.

Cybersecurity testing takes many forms - each one with different benefits. Bug bounty programs will be new to many organisations. Yet, combined with fixed timeframe testing, they provide greater security assurance on a continual basis – not just at a single point in time.

This article unpacks five key benefits of a Bug Bounty program and the difference it can make to your cybersecurity, week in, week out.

Finding the right TIBER test provider for your organisation is crucial. You’ll want a secure test, but there’s huge value in knowing how to act on the results to protect your operations. An obvious question exists: should you opt for a local provider in your country or choose a larger, global tester?

We consider both options to help you make an informed choice.

Cybersecurity testing is more crucial than ever. Whilst you’re probably familiar with our penetration testing services, you might not know about our bug bounty platform. And yet, it’s incredibly valuable to maximise your security.

Our red team has created a new technique, and accompanying tool, that allows a red team operator to avoid many of the usual indicators that can trigger detection alerts when using existing tools. Avoiding detection is a high priority for a red team operator because this usually signals the imminent end of the compromise, as the network defenders start to contain and eradicate the threat.

It’s impossible to totally eliminate the risk of a cyberattack. No reputable cybersecurity company could give that assurance. For the same reason, you cannot simply pass or fail a TIBER test.

In fact, it would pose a higher risk to state you’d passed as you might take no further action.

Complacency in cybersecurity is risky.

Protecting your organisation from cyberattacks should be continual. And it must be specific to your risk profile and particular operations. As attacks become more sophisticated, so must your testing to keep one step ahead.

By Vanessa Santos | Security Consultant at LRQA Nettitude

Json Web Tokens (JWTs) are commonly used in many applications to validate the client’s identity. The JWT token is provided during authentication in case of success and this is then used in all authenticated interactions to the application.

The validation of user’s identity is based on the user’s information stored in the JWT token which is signed by the server using JSON Web Signatures. The information exchanged within the JWT can also be encrypted using JSON Web Encryption however this is not widely used.

Although the JWT token can be used in web applications there is a number of caveats that come with the choice of implementing JWT authentication tokens that can result in them being hijacked.

In this article we will be discussing these security implementation issues and will uncover ways of preventing an attacker from hijacking JWT tokens.

By Jenny Wu | Senior Incident Response Consultant at Nettitude

The move to the Cloud and remote working models has changed the way networks are connected. Today, we are shifting focus from security to protecting assets rather than the traditional perimeter. Traditional anti-virus is no longer able to keep up with newer attacks and vulnerabilities, allowing compromises to occur more frequently; especially for the healthcare industry which is frequently targeted. They therefore need additional protection in the form of Endpoint Detection and Response (EDR) Tooling.

By Nettitude

Today, we’re excited to announce the launch of our Nettitude Bug Bounty programme .

Over the past few months, we’ve been running a Bug Bounty trial with a number of our clients, which we’re pleased to say has been successful. Now, we’re ready to open our Bug Bounty service up to the world.