Web Application Risks: SQL Injection Welcome to the second of five posts on the top vulnerabilities found in vendor and bespoke web applications. Here, InfoSec Pro Kai Stimpson focuses on the second most common vulnerability we encounter – SQL Injection. You can catch the first post on broken authentication here. What is SQL injection? SQL (Structured Query Language) injection is a technique used for attacking data-driven apps. Despite having been around for nearly 20 years, it continues to pose a … Read More »
DontCry over WannaCrypt If you’re reading this article it’s not because you’ve randomly stumbled across the hashtags “WannaCry”, “WCry”, “WannaCrypt”, “Ransomware” etc. It’s because you’re already aware of it. Now, what can we add to the hundreds of articles on the recent breach via ransomware and the NSA vulnerability/exploit MS17-010? To sum it up, these are following mediums discussing WannaCry: Tweets Articles Blog posts Newspaper columns TV reports Fail image shares across social media Text messages WhatsApp messages … Read More »
No. 2: Identity Federation and User Identities in the Cloud Greetings to the second of our five part series addressing the top vulnerabilities and misconfigurations common in the cloud environment. Previously, InfoSec pro Sasha Raljic discussed accountability and data ownership in the cloud and the importance of determining the rightful data owners. Here, he looks at user identity federation and the importance of managing user identities across the cloud environment so that an appropriate level of access is … Read More »
Taking a Pragmatic Approach to the GDPR The General Data Protection Regulation aims to harmonise and toughen minimum standards for protecting the personal information of EU citizens. It applies to any organisation doing business with EU member states, regardless of where it’s headquartered. Brexit, whether hard, soft or any other variant, will not affect the introduction of the regulations. Establishing how commercial, public and third sector organisations approach compliance with the new law in time for May … Read More »
We are Perspective Risk
Information security is crucial to every aspect of your business – operational efficiency, profitability, business continuity, customer confidence, brand loyalty, protection against fraud and meeting regulatory requirements.
Our penetration testing, pen testing, pen tests and cyber security testing has proven time and time again to be an effective security assessment of business IT infrastructure.
Perspective Risk provides in-depth security assessments, risk management and compliance solutions to help you keep your confidential information safe and your critical systems secure. We’re innovative, flexible and supportive, helping you through any information security issues to deliver real business benefits and excellent value.