Web Application Pentesting vs Network Pentesting: What’s the Difference?

Discover the key differences between web application pentesting vs network pentesting, when you need each type, and why both are essential for comprehensive security.
Secure by Design in Practice: A Guide for UK Government Product and Delivery Teams

A practical guide to implementing Secure by Design in UK government product delivery. Covers risk-driven design, lifecycle security activities, compliance with the PSTI Act, and how regular penetration testing keeps your security posture continuously validated.
Pentest Files: Hijacking Admin Invitations to Bypass the Login Wall

OnSecurity’s Pentest Files uncovers the latest vulnerabilities and real-life remediation steps to protect businesses from malicious attack. In this article we find out how our Head of Pentesting is able to hijack admin invitations to bypass the login wall in our client's infrastructure.
Pentest Files: Log File Injection Leading to Remote Code Execution

OnSecurity’s Pentest Files uncovers the latest vulnerabilities and real-life remediation steps to protect businesses from malicious attack. In this article we find out how Craig discovered a Log File Injection leading to remote code execution.
A Guide to Adversarial Testing for AI

Learn what adversarial testing is, how red teaming secures AI systems, key attack scenarios, and best practices for evaluating LLM and ML security risks.
GDPR Basics: A Practical Guide to Data Protection

Learn GDPR essentials: data protection principles, subject rights, breach management, and compliance tools to safeguard personal data effectively.
The Security of SaaS: From Risk to Resilience in Cloud Environments

Learn how to secure SaaS applications with expert strategies for data protection, access control, compliance, and threat detection.
How to Build Risk Assessments for Cyber Security: A Practical Outline

Complete guide to cybersecurity risk assessments: identify vulnerabilities, analyse threats, implement controls, and maintain compliance with regulatory standards.
ISO 42001 Compliance: A Guide for Businesses

Learn what ISO 42001 is, why it matters, and how businesses can implement AI governance, manage risk, and align with EU AI Act compliance requirements.
When Should I Cloud Penetration Test? An Overview of Industry Standards, Critical Triggers, and Compliance Requirements

Learn how often to conduct cloud penetration testing based on your compliance needs, risk profile and cloud maturity level, from security experts.