Hertfordshire, United Kingdom
Dec 17, 2021   |  By Rebecca Bada
Supplier due diligence is an action taken by an organisation to identify and understand the credibility and suitability of a prospective partner or vendor. Conducting supplier due diligence can help guide decision-making when choosing the right vendor, detect risks with potential suppliers and protect customer data in the process. It's also considered good business practice and can help mitigate future financial and reputational damage caused by a data breach.
Dec 3, 2021   |  By Brian Wagner
Over the last two weeks, many have had flashbacks to 2012 when Heartbleed was released and everyone scrambled to fix broadly used OpenSSL. Due to their nature, some applications and services are so prolific that when a vulnerability is identified it causes massive issues for vendors and customers alike. The latest of this kind of issue is the Log4j vulnerability that has been dominating the press.
Nov 22, 2021   |  By Oliver Pinson-Roxburgh
The most common application vulnerabilities will come as no surprise to cyber security experts. If we know about them, why do they persist?
Nov 19, 2021   |  By Neil Barnes
No-one would lend or borrow money without expecting some form of agreement to be in place covering the term, the interest, the repayments and so on. Even lending the garden hose to a neighbour comes with an expectation of it being returned at some stage and being returned in the state that it was lent.
Nov 15, 2021   |  By Kieran Roberts
We’ve previously discussed what social engineering attacks are and what you can do to prevent them. Here, we’re going to review the reasons why threat actors persist with these types of attacks and why every single employee is potentially susceptible to a social engineering attack.
Nov 8, 2021   |  By Kieran Roberts
Threat actors are employing more advanced social engineering techniques with ever increasing frequency. All sectors are open to attacks with the financial and reputational losses being significant. Exploiting human nature is not new. The methods used by hackers are getting more sophisticated and they are becoming better at manipulating human behaviour. This guide to social engineering will help you.
Oct 22, 2021   |  By Ali Ahsan
‘Privacy by design’, or as it’s now known, ‘data protection by design and default’, refers to Article 25 of the UK GDPR. This principle makes it a legal obligation for controllers to implement organisational controls which ensure data protection issues are addressed at the design stage of any project. But what does the regulation mean when it refers to organisational controls?
Sep 24, 2021   |  By Ali Ahsan
Following on from Brexit, the UK received a positive adequacy decision on its personal data security standards by the EU. Building on this, the UK’s Information Commissioner's Office (ICO) has opened a consultation period to introduce its new International Data Transfer Agreement (IDTA). The European Commission has also issued a draft update addressing the same thing. So what triggered this new work? It’s all in response to the work done by privacy activist Max Schrems.
Sep 23, 2021   |  By Emma Dockerill
Our team of penetration testers arguably have the most interesting and exciting roles within the business, or perhaps, in the world. From robbing banks to breaking and entering, pen testing isn’t your typical desk job. So we’ve asked them to share some of their most interesting stories to really give you career envy! Let’s see what we can find out about a day in the life of a pen tester.
Aug 20, 2021   |  By Adindu Nwichi
A 2019 report by Ofcom shows that 50% of ten-year-olds own mobile phones, while viewing of video-on-demand (with YouTube as firm favourite) has doubled in the last five years among children. Platforms like TikTok are rapidly growing in popularity. Sadly, more and more children are being exposed to hateful, violent and disturbing content on these platforms.
Sep 27, 2018   |  By Bulletproof
Confused about PCI compliance? Get a clear understanding of this much misunderstood standard with our Clarity On PCI Compliance white paper. This is the first in our 'Security First' series of white papers and provides an illustrated insight into the world of PCI DSS compliance. Inside we explain the requirements, dispel the myths and give you top tips for saving time and effort.
Sep 1, 2018   |  By Bulletproof
This Security First white paper will help businesses understand all aspects of penetration testing services, from planning and managing through to getting real value and benefit from the results. This white paper is not a guide for practitioners, but instead is aimed at people who need to procure, plan, and manage the lifecycle of a penetration testing project.
Aug 1, 2018   |  By Bulletproof
This white paper will provide you with a high-level understanding of GDPR's strategic aims and the challenges these present to UK businesses. In addition, we'll present helpful tips for interpreting, implementing and maintaining the new legislation and your approach to managing personal data.

We are your best defence from cyber threats. We are Bulletproof.

Here at Bulletproof, security's in our DNA. Our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data.

Investing in the future by securing today: Employees are the lifeblood of a company, and we are no exception. We’re proud to say our staff are passionate and experienced in all areas of information security – and certified by the likes of CREST and Tigerscheme. We also have a world-class infrastructure, with two PCI v3.2 compliant data centres and powerful SIEM software that was designed in-house.

24/7 Security Operations Centre: One of the major factors in our success is our UK Security Operations Centre (SOC). This is an in-house facility, staffed every hour, day and night, by our cyber security gurus. The SOC acts as a command station for all our security operations and, in the case of our Managed SIEM and Threat Protection services, is always geared up to deploy full incident management procedures, according to pre-defined runbooks, within moments of a security event being detected.

Trained. Experienced. Certified. That’s Bulletproof.