Hertfordshire, United Kingdom
2016
  |  By Cyber Insights
The castle-and-moat model is simple: build strong perimeter defences, trust everything inside. Firewalls, VPNs, and access controls create a protective shell, and the business assumes safety within that shell. But today’s attackers don’t always need to scale the walls. They can: Once inside, attackers move laterally, escalate privileges, and seek valuable targets like domain controllers, email servers, and customer data.
  |  By Daniel Ansett
Notepad has been a fundamental tool since its debut in Windows 1.0 back in 1983. Over the years, it has served countless users for everything from jotting down quick notes to temporarily storing sensitive data such as passwords, phone numbers, and email addresses, due to its simplicity and ease of use. Many users, including myself, often rely on Notepad for this kind of temporary storage. It’s common to quickly paste sensitive information into a blank tab for convenience.
  |  By Luke Peach
The GDPR sets out clear principles for how personal data should be handled. Here are some that AI tools can easily clash with.
  |  By Jordan Constantine
The Payment Card Industry Data Security Standard, or PCI DSS, is a set of globally recognised requirements designed to ensure that all companies that process, store, and transmit credit card data continually maintain a secure environment. It doesn’t matter whether you’re a small independent store or a large e-com brand: if your business handles payment data directly or through a payment gateway, PCI DSS applies to you.
  |  By Eze Adighibe
A virtual Chief Information Security Officer (vCISO) is a senior cybersecurity leader who works remotely with your business, typically on a part-time, retainer, or per-project basis. They bring with them the expertise of a full-time CISO minus the expense of hiring one in-house. vCISOs tend to be brought in to help shape security strategy, manage risk, and guide businesses through compliance frameworks such as GDPR, ISO 27001, or Cyber Essentials.
  |  By Jordan Constantine
Penetration testing (or ‘pen testing’) is a critical cyber security practice that helps businesses identify and fix vulnerabilities before attackers can exploit them. However, most businesses prioritise external threats, such as phishing, malware, and network breaches, while overlooking threats and risks that exist within the network.
  |  By Luke Peach
ISO 42001 takes a risk-based approach and structure like other ISO standards and covers: with a focus on AI governance. Under Annex A, it provides a list of controls used to manage AI risks and ensure responsible deployment of AI systems. Under Annex B, it explains how to implement these controls, giving organisations the flexibility to adapt them based on their specific needs.
  |  By Jordan Constantine
Although wireless networks are convenient, allowing teams to stay connected - whether they’re in the office, moving between spaces, or working from home - they are inherently more exposed than wired connections as they broadcast your network to the physical world. But this convenience often leads to overlooked security gaps, especially if your Wi-Fi is not regularly reviewed or was set up using default settings. A few common issues can arise because of this, including.
  |  By Jordan Constantine
As the world of cyber continues to change, threats aren’t just becoming more sophisticated, they’re becoming harder to detect. Whether it’s a well-planned attack that slips past your defences, or a known vulnerability in your system, the question is: how do you test your security before an attacker does? Two of the most effective approaches that Bulletproof offers are penetration testing and red teaming, and which one you choose depends on what your business is trying to achieve.
  |  By Jordan Constantine
Email continues to be the main attack vector for cybercriminals, a fact driven not only by it being the most widely used communication tool in business, but also by the evolving sophistication of cyber threats. Despite advancements in cybersecurity, attackers continue to exploit human vulnerabilities to bypass technical defences.
  |  By Bulletproof
Confused about PCI compliance? Get a clear understanding of this much misunderstood standard with our Clarity On PCI Compliance white paper. This is the first in our 'Security First' series of white papers and provides an illustrated insight into the world of PCI DSS compliance. Inside we explain the requirements, dispel the myths and give you top tips for saving time and effort.
  |  By Bulletproof
This Security First white paper will help businesses understand all aspects of penetration testing services, from planning and managing through to getting real value and benefit from the results. This white paper is not a guide for practitioners, but instead is aimed at people who need to procure, plan, and manage the lifecycle of a penetration testing project.
  |  By Bulletproof
This white paper will provide you with a high-level understanding of GDPR's strategic aims and the challenges these present to UK businesses. In addition, we'll present helpful tips for interpreting, implementing and maintaining the new legislation and your approach to managing personal data.

We are your best defence from cyber threats. We are Bulletproof.

Here at Bulletproof, security's in our DNA. Our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data.

Investing in the future by securing today: Employees are the lifeblood of a company, and we are no exception. We’re proud to say our staff are passionate and experienced in all areas of information security – and certified by the likes of CREST and Tigerscheme. We also have a world-class infrastructure, with two PCI v3.2 compliant data centres and powerful SIEM software that was designed in-house.

24/7 Security Operations Centre: One of the major factors in our success is our UK Security Operations Centre (SOC). This is an in-house facility, staffed every hour, day and night, by our cyber security gurus. The SOC acts as a command station for all our security operations and, in the case of our Managed SIEM and Threat Protection services, is always geared up to deploy full incident management procedures, according to pre-defined runbooks, within moments of a security event being detected.

Trained. Experienced. Certified. That’s Bulletproof.