Security risks of low-code/no-code development platforms By Alex Harper - May 11th, 2022 Posted in Penetration Testing The low-code/no-code development market is growing at an astounding pace. However, low-code does not necessarily mean low risk. Below, we...
XSS attacks: what is cross-site scripting and why is it a security risk? By Alex Harper - March 18th, 2022 Posted in Penetration Testing A cross-site scripting (“XSS”) attack is a form of injection attack, in which a threat actor executes malicious code into an otherwise be...
What are injection flaws and why are they a web application risk? By Alex Harper - March 18th, 2022 Posted in Penetration Testing Injection flaws refer to a range of attacks in which a threat actor submits unexpected inputs into a web application. To do this, the att...
Manual penetration testing versus automated tools: what are the benefits? By Alex Harper - March 7th, 2022 Posted in Penetration Testing automated penetration testing, manual pen testing In this blog, we discuss the benefits of manual penetration testing versus automated tools. In a manual penetration test, a suitably qual...
What should a good penetration test report include? By Alex Harper - February 2nd, 2022 Posted in Penetration Testing Penetration testing is an excellent way for organisations to gain assurance and information about the security of their IT infrastructure...
Penetration testing tools – What are the most common? By Alex Harper - January 26th, 2022 Posted in Penetration Testing cyber security, pen test, pen tester, pen testing, penetration testing, vulnerabilities, web proxy Penetration testing is a point-in-time security assessment, where a suitably skilled tester uses a combination of pen-testing tools and m...
API penetration testing: What, why, how? By Thomas O'Donnell - December 21st, 2021 Posted in Penetration Testing API, API Testing, APIs, applications, cyber security, penetration testing An application programming interface (“API”) penetration test is a security assessment carried out by a penetration tester to validate th...
What is the point of authenticated web application penetration testing? By Alex Harper - November 22nd, 2021 Posted in Penetration Testing Web application penetration tests are a common way for organisations to gain assurance and information about the security of their web ap...