The Blog
Our place for thought sharing, question answering and news announcing.
How Often Should You Pen Test?
We've been helping companies assess and upgrade their penetration testing capabilities for over a decade. Based on that experience, we want to share our thoughts on why it's better to do more frequent pen testing than you likely do at present.
See more
Are You Ready for Purple Team Testing?
When is an organisation ready for purple team testing? Have a look at the exact situations where purple teaming will deliver the most value, purple team testing timelines, and what happens after a purple teaming exercise is done.
See more
DORA Incident Reporting Essentials Explained
Being able to report security incidents - under DORA or any other major regulation such as GDPR or NIS2 - is one of the core security capabilities for any organisation that wants to grow its operations. Let's cover the basics.
See more
16 Hours At DEF CON: An Insider View On Antivirus Bypassing
Our red teamer, Dimitri Di Cristofaro, and his fellow hacker, Giorgio Bernardinetti, are running a full 16-hour training course on advanced antivirus (AV) evasion and malware execution at DEF CON 33. We spoke to Dimitri about what participants can expect, and more.
See more
6 Things To Do After Receiving Pen Test Results
It’s not as simple as “just fixing things". This article is our advice on how to go from pen test results (and recommendations) to successful post-test remediation.
See more
Pen Testing Price List UK and EU Guide 2025
In this blog post, we give you a behind-the-scenes look at pen test pricing in 2025 and share an 11-point checklist for UK and EU pen test buyers.
See more