Cyberis offers a wide range of technical assurance services which can help you and your business achieve information security objectives. From Cyber Essentials assessments to in-depth advanced targeted attacks, Cyberis can provide the technical security knowledge and industry experience to identify and manage technical risks before these become a threat to your organisation.
All of our technical assurance offerings can be combined and tailored to your specific organisational or project requirements.
The Cyberis Incident Response Team (IRT) can be deployed to provide expert consulting and technical advice to help you manage a security incident from the initial detection to closure.
The Cyberis IRT will help you manage an entire incident, from a simple breach of policy to an estate-wide compromise, or work to the methodology within your organisation's incident response plan and as a colleague within your own incident response team.
At Cyberis, we believe in providing solutions to information security problems.
Drawing on years of experience within the information security arena, Cyberis has developed a number of solutions which will help our clients manage their risk and address common information security problems. We share many of our tools with the community via GitHub and our blog.
Our research is shared with vendors and trusted community groups such as ISSA, Security Research Information Exchange and CISP.
Cyberis is an innovative information security consultancy which was formed in 2011. Cyberis' founders have 30 years of experience between them working in the information security industry and are able to call upon a wide range of skills and abilities.
Today's announcement (https://www.krackattacks.com/) of the KRACK attacks against WPA2 represents a serious security concern for all wireless networks. The de facto wireless encryption standard, which has resisted hacking attempts for 14 years, has finally fallen. Both personal and enterprise versions of the protocol are vulnerable.
Another week, another ransomware outbreak. On Tuesday, we saw another variant of ransomware spreading, worm-style, across unsecured networks within large organisations. As with the WannaCry outbreak in May, large global corporations have been affected, and infections have spread from their initially-compromised hosts across internal networks. NotPetya hasn't received as much press as WannaCry did, but from a security perspective it does, at the moment, look far more interesting.
Sanitisation of user input is essential for preventing SQL injection, regardless of the format of the supplied data. Today I'm going to look at SQL injection through a more obscure injection point: serialized PHP arrays. Taking inspiration from a finding in a recent test, I've created a small app which allows the user to upload a CSV file. This file is then converted to a PHP array, serialized and returned to the user as a hidden form field. Finally, this is posted back to the application where the supplied data is inserted into the MySQL database.
Cyberis is an innovative cyber security consultancy based in Tewkesbury. We deliver industry-leading technical assurance and cyber security advice, including penetration testing and simulated attacks, to our customers across a wide range of verticals.
We are hiring highly motivated and enthusiastic candidates to join our team of cyber security consultants providing high-quality targeted assurance, advice and guidance to our customers. Our vision is to build the most respected team in the information security industry.
Another ransomware attack hits, this time on a scale never seen before. The spread has gone viral across a large and crucial network – the network underpinning the UK's National Health Service.
There are three main differences between this attack and previous ransomware incidents.
Cyberis is hunting for an excellent candidate to fulfil the role of Consultant within our expanding consultancy team. The role will entail delivering high quality penetration testing and other security consultancy work for our clients. Our team is dynamic, innovative and hard working. Career development is a priority for our company and this is reflected in the opportunities presented to our staff.
Ever wondered if you're prepared for a cyber security incident? This week, one of our Directors, Gemma Moore, is guiding you through incident preparation and handling.
Follow us on Twitter for the mini-how-to series, and view the previous blogs here:
Tuesday: Identifying The Incident
Wednesday: Defining Your Objectives
There is some confusion surrounding Cyber Essentials; what it is, why people need it and often there is a misinterpretation that Certifying Bodies are responsible for the schemes rules. Cyber Essentials is a relatively new certification. It has been mandated since October 2014 for UK government suppliers, although it is not limited to them, non-government organisations are encouraged to seek to obtain the certification.
NetAlerts is Cyberis’ new service which provides a concise, consistent overview of changes to your internet exposure. Understanding your exposure is a key factor in understanding the risk to your network; by detecting changes in TCP/IP port states and highlighting dangerous ports, NetAlerts can aid in the identification of insecure or misconfigured services as well as potentially malicious software.
| Email: | info@cyberis.co.uk |
| Tel (National): | +44 3333 444 800 |
| Tel (Tewkesbury): | +44 1684 530 000 |
| Fax: | +44 3333 444 801 |
| Address |
Cyberis Limited Unit E The Courtyard Tewkesbury Business Park Tewkesbury Gloucestershire GL20 8GD |