JUMPSEC

London, UK
2012
  |  By shiba
In today’s rapidly evolving cybersecurity landscape, organisations must stay ahead of emerging threats and vulnerabilities to remain competitive. Two critical approaches to bolster security are Red Teaming and Penetration Testing. While these terms are often used interchangeably, they serve different purposes and employ distinct methodologies. Understanding the differences between Red Teaming and Penetration Testing is essential for implementing an effective cybersecurity strategy.
  |  By JUMPSEC
As offensive security specialists for over 10 years, we have tested countless organisations who believe their SIEM, EDR or MDR provider offers them comprehensive defense, only to find them lacking in fundamental areas. From our experience, some “traditional” in-house, yet adequately resourced, Security Operations Centres (SOCs) can still provide a robust defense, while others struggle to stay on top of emerging threats.
  |  By Sean Moran
Faced with year-on-year rising attack figures, law enforcement have struggled to adapt to the immense task of preventing ransomware and cyber extortion. By tracking and analysing attacker reported victim data, we seek to explore the significance of Lockbit’s recent takedown in the context of prior disruption efforts.
  |  By [email protected]
Recent supply chain attacks, from SolarWinds to 3CX and MOVEit, illustrate the impact that can occur when a single widely used software platform is compromised, thereby enabling attackers to use this initial access as an entry point into any number of subsequent networks. Often the intention is to propagate malware or leverage sensitive data to extort victim organisations.
  |  By donna
Cloud adoption is exploding, and rightfully so. Businesses are seeing the value of improved agility and efficiency when leveraging public cloud, resulting in 60% of all corporate data globally being stored in the cloud in 2022. As such, securing the cloud is becoming an increasingly important skill for defensive security teams, ergo red teaming the cloud is becoming increasingly important for us offensive security teams too.
  |  By [email protected]
Purple teaming gets its name from the combined effort of both the blue (defensive) and red (offensive) teams.
  |  By [email protected]
We’re transforming adversarial simulation by extending the limited, short-term scope of conventional consultancy exercises.
  |  By Sean Moran
You’ve probably encountered them. Self-reported ‘supplier security assessments’ – documents where fact and fiction can easily overlap if the requisite information cannot be readily validated. In reality, supplier questionnaires do offer an (albeit limited) indication of an organisation’s level of cyber maturity and are a necessary process.
  |  By Sean Moran
A number of JUMPSEC clients have expressed a degree of confusion about their preparedness for the new Digital Organisational Resilience Act (DORA). Enacted in December 2022, DORA has mandated regulations for financial sector organisations and their critical third-parties.
  |  By JUMPSEC
Acton-based cyber security company, JUMPSEC, recently visited a local primary school to share how its team protects some of the world's biggest brands from hackers, malware, and other cyber-attacks. As Ealing Borough's security partner, JUMPSEC has teamed up with the council to collaborate and deliver social value to the community. This kicked off on Friday 22nd of September, at Dairy Meadow Primary School in Southall as part of its first careers event of the academic year.
  |  By JUMPSEC
The JUMSPEC Detection and Response Team talk about their journey with Microsoft Sentinel. Based on experiences taking this approach on with clients, the challenges they have faced and the solutions they pushed to address them.
  |  By JUMPSEC
Inside Continuous Attack Surface Management - Bjoern Schwabe - Head of CASM, explains how we navigate data complexities, filter crucial insights and only true positives to secure your digital footprint. Through real-world examples, bridging the gap between technical intricacies and managerial understanding, gaining clarity on the vital role CASM plays in cybersecurity.
  |  By JUMPSEC
A red teamer’s forecast – Cloudy with a chance of hacks Our adversarial simulation team will outline how attackers exploit cloud infrastructure and offer strategies to counter their efforts. Key insights involve recognising significant security risks in cloud adoption, including emerging attack vectors, comprehending hacker tactics in cloud settings, and swiftly implementing effective measures to safeguard cloud environments.
  |  By JUMPSEC
Ransomware Update An insight into ransomware actor’s changing approaches focus on the issues and developments that matter most.
  |  By JUMPSEC
A red teamer’s forecast – Cloudy with a chance of hacks Our adversarial simulation team will outline how attackers exploit cloud infrastructure and offer strategies to counter their efforts. Key insights involve recognising significant security risks in cloud adoption, including emerging attack vectors, comprehending hacker tactics in cloud settings, and swiftly implementing effective measures to safeguard cloud environments.
  |  By JUMPSEC
Shifting perspectives in cyber security Our head of cyber security operations explains why evidence-based detections are critical to stopping attackers from achieving their actions and objectives earlier in the kill chain process.
  |  By JUMPSEC
Head of Adversarial Simulation Max Corbridge explains what is purple teaming and why it is beneficial for organisation to conduct a purple team exercise.
  |  By JUMPSEC
Our head of adversarial simulation, Max Corbridge explains what is a purple team exercise and the benefits to an organisation.
  |  By JUMPSEC
Our Head of Adversarial Simulation, Max Corbridge explains what is Adversarial Simulation and why is it valuable in cyber security. And why today a point in time penetration test is not enough.
  |  By JUMPSEC
Phishing attacks have adapted to improved cyber defences, with recent developments making these attacks as effective as ever. Max looks at why social engineering is being heavily used and what techniques are being used.

JUMPSEC’s mission is to change the way the organisations deal with security and enable organisations to use the security they have invested in to the fullest. Incrementally improving organisations cyber security protection year on year.

We offer a range of defined cyber security solutions to enable our clients to secure against cyber threats, and specialise in applying our broad cyber security capabilities to design and deliver custom projects and innovative solutions. The list below isn’t exhaustive and we regularly combine elements (and add new ones) to create custom solutions, solving unique challenges and realising specific outcomes for our clients.

Future proof your cyber defences and realise genuine improvement over time with offensive, defensive, and strategic cyber security solutions, delivering the outcomes you need by combating the threats you face.

  • Offensive: Replicating real-world cyber threats, leveraging current threat intelligence to accurately and authentically simulate adversarial tactics, techniques and procedures.
  • Defensive: Configuring, implementing, and tuning controls to build resilient network defences, high-fidelity detection, and effective response to combat even the most advanced attackers.
  • Strategic: Applying best practices, policies, frameworks and standards to create effective cyber transformation programmes, balancing risk reduction with the cost of change.

Future proof your cyber defences and realise genuine improvement over time.