JUMPSEC

London, UK
2012
  |  By Sean Moran
Faced with year-on-year rising attack figures, law enforcement have struggled to adapt to the immense task of preventing ransomware and cyber extortion. By tracking and analysing attacker reported victim data, we seek to explore the significance of Lockbit’s recent takedown in the context of prior disruption efforts.
  |  By [email protected]
Recent supply chain attacks, from SolarWinds to 3CX and MOVEit, illustrate the impact that can occur when a single widely used software platform is compromised, thereby enabling attackers to use this initial access as an entry point into any number of subsequent networks. Often the intention is to propagate malware or leverage sensitive data to extort victim organisations.
  |  By donna
Cloud adoption is exploding, and rightfully so. Businesses are seeing the value of improved agility and efficiency when leveraging public cloud, resulting in 60% of all corporate data globally being stored in the cloud in 2022. As such, securing the cloud is becoming an increasingly important skill for defensive security teams, ergo red teaming the cloud is becoming increasingly important for us offensive security teams too.
  |  By [email protected]
Purple teaming gets its name from the combined effort of both the blue (defensive) and red (offensive) teams.
  |  By [email protected]
We’re transforming adversarial simulation by extending the limited, short-term scope of conventional consultancy exercises.
  |  By Sean Moran
You’ve probably encountered them. Self-reported ‘supplier security assessments’ – documents where fact and fiction can easily overlap if the requisite information cannot be readily validated. In reality, supplier questionnaires do offer an (albeit limited) indication of an organisation’s level of cyber maturity and are a necessary process.
  |  By Sean Moran
A number of JUMPSEC clients have expressed a degree of confusion about their preparedness for the new Digital Organisational Resilience Act (DORA). Enacted in December 2022, DORA has mandated regulations for financial sector organisations and their critical third-parties.
  |  By JUMPSEC
Acton-based cyber security company, JUMPSEC, recently visited a local primary school to share how its team protects some of the world's biggest brands from hackers, malware, and other cyber-attacks. As Ealing Borough's security partner, JUMPSEC has teamed up with the council to collaborate and deliver social value to the community. This kicked off on Friday 22nd of September, at Dairy Meadow Primary School in Southall as part of its first careers event of the academic year.
  |  By Sean Moran
In the first half of 2023, UK ransomware attacks rose by 87% and by 37% globally. UK is the most targeted country outside the US and 20% of European ransomware attacks occur there. There has been increased exploitation of the financial services, insurance and IT sectors.
  |  By John Fizpatrick
Among the range of data leak sites monitored by JUMPSEC, our attention has been drawn to a recent variant called “UnSafeLeaks”, due to its distinctively malicious and personalised approach, setting it apart from typical leak sites that focus primarily on explicit financial extortion. Perhaps more remarkably, a number of targeted organisations also appear to have previously been compromised by closely affiliated groups, suggesting the potential re-extortion of victim organisations.
  |  By JUMPSEC
Our head of adversarial simulation, Max Corbridge explains what is a purple team exercise and the benefits to an organisation.
  |  By JUMPSEC
Our Head of Adversarial Simulation, Max Corbridge explains what is Adversarial Simulation and why is it valuable in cyber security. And why today a point in time penetration test is not enough.
  |  By JUMPSEC
Phishing attacks have adapted to improved cyber defences, with recent developments making these attacks as effective as ever. Max looks at why social engineering is being heavily used and what techniques are being used.
  |  By JUMPSEC
Anatomy of an Incident, presented by Matt Lawrence, Head of Defensive Security Matt talks through his experience of high-profile cyber security incidents and the key lessons learned in terms of preparing to respond to a crisis.
  |  By JUMPSEC
Benchmarking EDR/MDR Solutions presented by Tom Ellson, Head of Offensive Security We recently completed a review of a number of industry-recognised EDR and MDR solutions. This led us to take a novel approach that addresses many of the limitations and constraints typically met when undertaking this type of assessment. You will learn why context is key to threat detection, and how the different vendors performed in our realistic and representative environment against goal-focused attack paths.
  |  By JUMPSEC
UK Threat Landscape Trends - Presented by John Fitzpatrick, CTO John Fitzpatrick reflects on the last six months, examining the key threats and trends we have observed affecting UK institutions. Specifically, we will delve into ransomware threat evolution, presenting and discussing. This will build upon our predictions made at the last briefing, reviewing how the landscape has changed, how our predictions fared, and how it has been influenced by major cyber security events and developments.
  |  By JUMPSEC
Understanding Your “Attack Surface” presented by Max Garaffa Attackers can access a huge amount of open-source information about your organisation over the internet. You will learn how to locate this information, understand what is most dangerous, and what you can do to counter the threat. This intelligence can be used for both offence and defence, which we have explored in recent engagements for our clients.
  |  By JUMPSEC
Meet JUMPSEC and the team at our recent team building event
  |  By JUMPSEC
Our technical team give a demonstration and a walk through of the portal and how it can be used to help support your IT teams. With our JUMPSEC Managed Vulnerability Scanning Service.

JUMPSEC’s mission is to change the way the organisations deal with security and enable organisations to use the security they have invested in to the fullest. Incrementally improving organisations cyber security protection year on year.

We offer a range of defined cyber security solutions to enable our clients to secure against cyber threats, and specialise in applying our broad cyber security capabilities to design and deliver custom projects and innovative solutions. The list below isn’t exhaustive and we regularly combine elements (and add new ones) to create custom solutions, solving unique challenges and realising specific outcomes for our clients.

Future proof your cyber defences and realise genuine improvement over time with offensive, defensive, and strategic cyber security solutions, delivering the outcomes you need by combating the threats you face.

  • Offensive: Replicating real-world cyber threats, leveraging current threat intelligence to accurately and authentically simulate adversarial tactics, techniques and procedures.
  • Defensive: Configuring, implementing, and tuning controls to build resilient network defences, high-fidelity detection, and effective response to combat even the most advanced attackers.
  • Strategic: Applying best practices, policies, frameworks and standards to create effective cyber transformation programmes, balancing risk reduction with the cost of change.

Future proof your cyber defences and realise genuine improvement over time.