Bulletproof

Hertfordshire, United Kingdom
2016
  |  By Jason McNicholas
Malicious actors are always coming up with new and innovative ways to steal your money and information. This means it’s all the more important to be aware of these new attacks as they appear and know how to spot and respond to them. In this article I’ll be bringing attention to a new attack that has become increasingly common in recent months. That attack is called ‘Quishing’, and it is a specific new variant of the much broader attack known phishing.
  |  By Eze Adighibe
SOC 2 is an information security standard was created by the American Institute of Chartered Public Accountants (AICPA), as a way to provide assurance of an organisation’s management of data. SOC 2 compliance provides a framework to assess against five Trust Service Criteria (TSCs) – but more on those later. There are two types of SOC 2 compliance: Type I and Type II.
  |  By Oliver Pinson-Roxburgh
Bulletproof Co-founder & CEO, Oliver Pinson Roxborough, talks us through how hackers hide, the perceived threat from nation states, and what that means for your business.
  |  By Jemma Aldridge
It’s not surprising that adoption of Cyber Essentials certification is growing steadily year on year. It’s a valuable certification to have, not least of all for the many commercial opportunities it presents. But as a Cyber Essentials Assessor, one thing I see repeatedly is that poor network boundary implementation making reaching certification harder than it has to be – especially for smaller organisations. That’s what I’m going to be looking at in this blog.
  |  By Nicky Whiting
Implementing ISO 27001, the international standard for information security management, is a complex process that requires expertise, experience and careful planning. This blog explores why using a consultant for ISO 27001 implementation is crucial to not just ensure certification, but also (and perhaps more importantly), to build an information security management system that is tailored to your business and its objectives. To make sure your certification is actually working for you.
  |  By Richard Bradley
US data transfers... are they allowed? Well. Yes. It depends....it’s complicated. Let’s get stuck in and I’ll explain all. In July this year, the EU Commission made an adequacy decision for the new EU-US Data Privacy Framework (DPF). This can be seen as Safe Harbor 3.0. Essentially, in most scenarios, data transfers from the EU to the US are now permitted without the need for other mechanisms such as Standard Contractual Clauses (SCCs).
  |  By Chay Donohoe
This is a Bulletproof Tech Talk article: original research from our penetration testing team covering issues, news, and tech that interests them. It’s more technical and in-depth that our usual blog content, but no less interesting. Some readers may remember an article published by Bloomberg entitled "The Big Hack: How China used a Tiny Chip to Infiltrate U.S. Companies".
  |  By Nicky Whiting
Data protection officers (DPOs) are often seen as secret weapons in an organisations’ operations arsenal. When done right, they can quickly and effectively make the headache of managing your data protection obligations go away – leaving you free to focus on running your business. But how do you know much DPO time you need? And why? That’s what I’m looking at in this blog.
  |  By Joe Beaumont
Over the past few years there’s been an explosion in demand for penetration testing services. What was once seen a service only needed by larger enterprises is now more affordable than ever and used by SMEs and startups. This increase in adoption is partly down to pen testing being an all-round useful cyber control, but it’s also driven by compliance.
  |  By Jordan Constantine
Get a real-world test of your security maturity with a red team test Learn more about red teaming.
  |  By Bulletproof
Confused about PCI compliance? Get a clear understanding of this much misunderstood standard with our Clarity On PCI Compliance white paper. This is the first in our 'Security First' series of white papers and provides an illustrated insight into the world of PCI DSS compliance. Inside we explain the requirements, dispel the myths and give you top tips for saving time and effort.
  |  By Bulletproof
This Security First white paper will help businesses understand all aspects of penetration testing services, from planning and managing through to getting real value and benefit from the results. This whitepaper is not a guide for practitioners, but instead is aimed at people who need to procure, plan, and manage the lifecycle of a penetration testing project.
  |  By Bulletproof
This white paper will provide you with a high-level understanding of GDPR's strategic aims and the challenges these present to UK businesses. In addition, we'll present helpful tips for interpreting, implementing and maintaining the new legislation and your approach to managing personal data.

We are your best defence from cyber threats. We are Bulletproof.

Here at Bulletproof, security's in our DNA. Our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data.

Investing in the future by securing today: Employees are the lifeblood of a company, and we are no exception. We’re proud to say our staff are passionate and experienced in all areas of information security – and certified by the likes of CREST and Tigerscheme. We also have a world-class infrastructure, with two PCI v3.2 compliant data centres and powerful SIEM software that was designed in-house.

24/7 Security Operations Centre: One of the major factors to our success is our UK Security Operations Centre (SOC). This is an in-house facility, staffed every hour day and night by our cyber security gurus. The SOC acts as a command station for all our security operations and, in the case of our Managed SIEM and Threat Protection services, are always geared up to deploy full incident management procedures, according to pre-defined runbooks, within moments of a security event being detected.

Trained. Experienced. Certified. That’s Bulletproof.