Shearwater is a specialist information security services provider. We address four of the key information security challenges confronting organisations today, the challenges of securing applications; managing security operations; maintaining compliance, and improving awareness and security education across the board. We provide a combination of integrated services and capabilities delivered through our highly experienced information security and risk professionals.
Entries by Shearwater
Our monthly Security Report highlights some of the recent cybersecurity threats making headlines around the world. Compiled by Shearwater’s experienced cybersecurity professionals, this report identifies new attack vectors used by cybercriminals, and helps you stay one step ahead of the attackers. In this report we feature: · Firefox – critical vulnerability uncovered by targeted attacks […]
Featured this security report: ASUS release a critical software update to combat “ShadowHammer” Trojan Malware, CISCO’s RV320 and RV325 small business routers are vulnerable to attack, Zero-day vulnerabilities found in Google Chrome and Microsoft Windows are being exploited simultaneously, the recent WinRaR vulnerability is being abused en-masse by threat actors, Adobe patches Cold Fusion to […]
In this blog article, we describe the different types of penetration testing and various approaches (black, white and grey box) that make up the general range of strategies employed to conduct a penetration test. There are many different testing methodologies. They are generally categorised into: What are the different types of penetration testing? Networks (external, […]
There is often confusion around the role of a vulnerability assessment versus a penetration test. This is compounded by unscrupulous security vendors presenting (and pricing) a vulnerability assessment as a penetration test. Aside from poor ROI, this can give an organisation a false sense of security, when in fact they have only received a basic […]
For an organisation, not yet, impacted by cybercrime, penetration testing outside of compliance may seem like an additional, unwelcome expense. In the following blog article, we explain how penetration testing is good for (and may even save) your business. A Penetration Test (also known as ethical hacking) is an authorised hacking attempt, targeting all, or […]