Pen Test or Vulnerability Scan?

ambersail security awareness

Summary The difference between a penetration test and a vulnerability scan lies in the amount of human time and skill needed to perform it, and the depth to which the target systems will be assessed. Scans are automated and therefore are quite shallow, whereas penetration tests are largely manual but can result in systems being more thoroughly… Read more »

Infographic: How You Can Combat Cyber Crime

Our infographic gives you simple advice on how you, the individual, can combat cyber crime. Many organisations will spend much time and money on technological solutions to this growing problem. Have you ever wondered how you can help yourself, without depending on increasingly ineffectual technology?

I, Penetration Tester: Ethics in Cyber Security

Indulge me for a minute. Ethics in cyber security is a discussion that continues to develop. There are numerous ethical standards out there, but can all of this be summarised neatly in once place? I think it can, possibly…   Way back in 1942, during the first Golden Age of Science Fiction, Isaac Asimov proposed the… Read more »

Our New Northern UK Office

Ambersail Sci Tech Daresbury Office

After a few hectic months we have finally arrived at our new North UK offices at the Innovation Centre at the Daresbury Science Park. After a flurry of recruitment at Ambersail, this Sci-Tech site is perfect for what we need during our next stage of growth. The building is brand new and has all the… Read more »

Cryptographic Weakness: No Trust Without Security

Are You Talking To Me? I had a conversation with a client recently. We’d just conducted a penetration test for his organisation and a number of cryptographic weakness findings had come up. “These issues aren’t normally significant” he said. “Why are we failing now, when we were okay before?”. A fair question, and one that deserves an answer. Here’s… Read more »

ASV Scan Responsibilities

Approved Scanning Vendor

The ASV Program Guide describes the various responsibilities for all parties involved in the PCI ASV Scanning process. There are a number of parties, but here we’re just concentrating on two. They are the scan customer (you) and the Approved Scanning Vendor (Ambersail). The following text is taken from the official ASV program guide, which… Read more »

What is SQL Injection?

What is it? Put simply, SQL or sometimes “sequel” injection is a web site security fault that enables a hacker to steal the private or confidential data that you have available on your web site. It is surprisingly common, can have a devastating business impact, and is easy to prevent. Now you too can answer the question “What… Read more »