Fortifi Cyber

🎯 Want to understand what your security posture looks like? 🎯 Sick of conducting the same pen test each year, feeling a bit like you're caught in the 'Pen Test Trap'? 🎯 Looking for a fresh perspective when it comes to offensive testing? Come and see us at the BLTF 2025, hosted by Netlaw Media Ltd on stand 'D7a', to talk about all things pen testing. Whatever your pentesting needs, Fortifi are the experts you’ve been looking for. https://lnkd.in/eCBXYiH3 #informationsecurity #cybersecurity #data

A massive 1.17TB database of IoT device data was recently discovered completely unprotected - no password, no encryption. The data was found to contain WiFi access point details, IP addresses, and device IDs, as well as IoT device Operating Systems.   Also of major concern, according to Palo Alto Networks Unit 42's IoT Threat Report, 98% of IoT device traffic travels unencrypted, 57% of IoT devices are highly vulnerable, and 83% run on completely unsupported operating systems!   With the UK's PSTI Act now in force (April 29, 2024), manufacturers must ensure IoT devices meet minimum security requirements - including unique passwords and mandatory security updates. This may be a game-changer for consumer protection, do you agree?   With articles hitting the news like this on a daily basis, it is now more important than ever to ensure your own environment is in tip top shape in regards to cyber security. Got any Q's? Feel free to drop us a message! We're happy to help!   Team Fortifi https://lnkd.in/g6tHGqc7   #CyberSecurity #IoT #DataBreach #NetworkSecurity #Compliance #PSTI

We had a great time speaking at #CyberRunway Sunderland yesterday. Gaining insights into some of the complex cyber challenges smart cities face delivered by Liz St Louis was incredibly useful. As our cities advance, so does cyber threats (no brainer, right)! One thing we did touch on during our presentation yesterday is that there is no such thing as a 'silver bullet' in cyber security. That's just one of the reasons a careful, well thought out strategy is so important. #cybersecurity #data #informationsecurity

Some feedback we received from a project we delivered pre Christmas: " I am pleased to inform you that our penetration testing report has been approved by [censored]. I want to extend my heartfelt thanks for all the support you provided throughout this process. Your positive attitude and collaborative approach were instrumental in helping us achieve this significant milestone. It has been a pleasure working with you, and I truly value the partnership we’ve built. I look forward to the possibility of collaborating with you again on future projects." Makes all the hard work worth it 🙂↕️ #infosec #cybersecurity #data

A little message from all of the team! Wishing you all a Merry Christmas and all the best for 2025 🎅 🥳 #cybersecurity #pentesting #data

When discussing web application security with customers we often get asked whether we test against the OWASP Top 10 - the short answer is 'yes we do' but there's much more than 10 potential vulnerabilities in web application security! The OWASP Top 10 is just the tip of the iceberg.   So who are OWASP and what is the OWASP Top 10? The OWASP Top 10, highlights the most critical web app vulnerabilities, such as broken access control, injection flaws, and outdated components, to guide developers, IT managers, and security professionals in mitigating risks. Updated every few years, it serves as an educational resource to improve security practices, raise awareness, and support compliance but should be part of a broader, ongoing security strategy rather than a one-time checklist. For the full blog post - click below. https://lnkd.in/exwHsKw7 #owasp #pentest #cybersecurity

Exciting news! - Fortifi Cyber are releasing a security advisory discovered by one of our consultants. Arian M. discovered a vulnerability which allowed potentially sensitive data to be accessed by un-authenticated users.   More details can be found here: https://lnkd.in/eGJi_azt   #infosec #security #pentest

Vulnerability Assessments vs. Penetration Testing... We sometimes find when speaking with customers they think these two things are the same thing, which is simply not the case. Vulnerability assessments scan for weaknesses, and penetration testing takes it further by attempting to exploit them. Most of the confusion surrounding the two comes from the fact that pentesting requires the pentester to conduct a vulnerability assessment to find the weaknesses they wish to exploit. Penetration testing is arguably more valuable than vulnerability assessments since they are more thorough and provide the organisation with a comprehensive understanding of their system vulnerabilities and how they can be exploited. As discussed earlier, vulnerability assessments only identify the weaknesses and report them. However, penetration tests are more expensive, so it is common for companies to use vulnerability assessments more frequently than pentests. Click below to read the full blog post. #infosec #cybersecurity #security https://lnkd.in/ebWthQcN

Farn Hussain sharing his thoughts around the recent cyber attack which took place against T-Mobile recently.

More often that not when speaking with prospects they are conducting 'pentesting' on a regular basis... However, when we get deeper into the conversation, it turns out they are conducting automated testing. Now don't get us wrong - automated testing is definitely something you should do. But, manual testing is equally as important. Read out blog post to find out more: https://lnkd.in/ePFXRurd #infosec #cybersecurity #penetrationtesting