2018 is rapidly drawing to a close. The winter chill is setting in and a festive spirit permeates the air. 2019 is hurtling towards us carrying the promise of new challenges and opportunities. However, there’s still a couple of weeks to get a few more massive data breaches in.
We at Bulletproof provide a range of different cyber security services, including penetration tests, managed SIEM, and compliance consultancy. Though undoubtedly the most interesting (and cool) service we offer are our red team assessments.
You’ll often find that ‘vulnerability scan’ and ‘penetration test’ are wrongly used interchangeably, creating confusion about which is the right security choice for businesses. Broadly speaking, a vulnerability scan could be thought of as a surface-level security assessment, whereas a penetration test delves that much deeper. In fact, penetration testers often make use of a vulnerability scan as part of their process.
Even if you don’t work in the cyber-security world, you won’t have failed to notice that businesses of all sizes appear to be getting hacked on a scarily regular basis. These news reports may even help you decide whether to stay with a company or not. For example, if your gas provider experienced a security breach and lost your personal information, would you stick with them, or would you move to a seemingly more secure provider?
Prove you are a human. If you think about that sentence for too long, you realise it’s actually incredibly complex and can bring about a sense of existential angst. Yet, it’s something that is demanded of us on a near daily basis, sometimes more. It turns out, proving our humanity doesn’t require showing the capacity to love, or even passing Blade Runner’s Voight-Kampff test. Rather, we just need to be able to click on pictures of cars or shop fronts.
Let’s get one thing out there from the get-go. Being a Bulletproof consultant is awesome. I haven’t been coerced to say that. I mean, let’s start with that brand name. How cool is it to say I work for Bulletproof? I have several T-shirts with the logo emblazoned across the chest. Sometimes, I even wear them on a non-work day.
Last week, we spoke about the common issues that come up throughout a penetration test. We left out what many of our penetration testers think of as the ‘biggest issues’, however, as the finished article rivalled Dickens at his wordiest. Still, they’re definitely worth raising, as some of the most common issues that emerge from a penetration test don’t involve misconfigurations, vulnerabilities or hacking of any kind.
We live in an age where cyber security threats are (or at least should be) at the forefront of everyone’s mind. Very recently, British Airways suffered a huge security breach that led to over 300,000 payment cards being compromised, showing that even the big players can still get hacked if they’re not 100% vigilant.
Artificial intelligence and its cousin machine learning are words that keep cropping up in almost every industry at the moment. Sometimes as buzzwords, sometimes with real innovation, but always with the outlook that both Ai and ML are going to be employed a lot more across a whole spectrum of businesses.
We are all no doubt aware of phishing. That age-old practice of sending fraudulent emails with the hope of gaining financial details, obtaining account credentials or tricking a user into installing malicious software. The practice is not new. In fact, before the wide-spread use of the internet, people would often receive letters claiming that they had won some sort of competition and to claim their prize, all they had to do was send some cash to front the delivery costs.
