Mobile Application Penetration Testing often has a different flow to web application or network testing. This is because not only do you get an application but you also get the software itself. This runs on a device you control and allows for a much wider attack surface. It also allows DE compilation of code and hooking of calls all in service of attacking the application. As such, mobile app pentesting requires an entirely different skill set, knowledge base and methodology. Most mobile application penetration tests rely on the OWASP-MASVS (Mobile Application Security Verification Standard). Senior application developers and hackers are responsible for developing this to ensure that applications meet minimum security requirements. The content in this blog comes from the OWASP-MSTG which is one of the most complete methodologies available.
Where to start… So, When it comes to Cyber Security Careers, the possibilities are endless, as they are in most sectors. Some people choose to work as SOC analysts. Others opt for management positions. Penetration testing is a prominent career pathway in the world of Cyber Security. If you are considering a Penetration Testing Career, … Read more
In this article we will outline what is meant by physical security in the context of cyber security. We will have a look at the top ten best practices for securing your environment physically. Most of these you may think are common sense. However, you really would be amazed to discover how many reputable
Regular penetration testing is becoming increasingly important. What many business owners seem to want to know, however, is when to arrange a system test. Any application that processes personal data, whether in the storing or retrieving personal data, needs to have its security tested regularly according to GDPR Article 32 (1.D). Many systems have never … Read more
Boris Johnson is facing rebellion in the commons over his decision to allow Huawei a role in developing the UK’s 5G network. The opposition have today called for a ban on high risk venders being allowed to play a role in the development of our technology infrastructure. Major General Jonathon Shaw, the former head of … Read more
Having spoken to many cybersecurity professionals at various networking events and expos, one recurring topic of conversation seems to arise; that business owners are put off improving their cybersecurity posture because they have little knowledge of the dangers that cybercrime can pose, or of the simple methods by which they can achieve security. Many organisations … Read more