The Blog
Our place for thought sharing, question answering and news announcing.
Which Cybersecurity Framework to Choose (and When): A Real Comparison of Cyber Frameworks
Whether you lead, work for, or invest in a company early in its cybersecurity journey, this article will help you understand the what, why, and when of cybersecurity frameworks.
See more
The Ultimate Guide to Pen Testing for Startups (2026)
This guide helps startups understand when to pen test, how to pen test, and how much to spend on pen testing. Plus, the latest legal pen testing requirements for startups in 2026.
See more
Why Do You Need a Penetration Test for LLM-Enabled Applications?
From a hacker’s perspective, an LLM-powered app can look like a cooperative insider. In this blog post, we explain why LLM integrations are inherently risky, the real-world attacks they face, and why specialised penetration testing is essential.
See more
Why It's Not Possible to Map DORA vs ISO 27001 vs NIST CSF
DORA, ISO 27001, and NIST CSF may look similar on the surface, and plenty of gap analysis templates promise to align them. But here’s why that might not be the best idea.
See more
DORA Microenterprise Requirements: Everything You Need to Know
Thanks to DORA's principle of proportionality, smaller organisations face lighter requirements than larger financial entities in many areas and are fully exempt from others. Here's what microenterprises need to know.
See more
Expert Advice on DORA Penetration Testing
All DORA-covered entities must test their systems using what DORA refers to as "appropriate tests” to ensure they are resilient. So, what is an “appropriate test”?
See more