Welcome to ProCheckUp's Security Newsletter, the first edition for 2008!
In this issue we reveal ProCheckUp’s top vulnerabilities of 2007 and an opportunity to join the PCI User Group.
We are also pleased to announce that we were selected as medallists at the BCS Awards.
Kind regards,
Rebecca Goddard
Vulnerabilities
2007 was a very good year regarding vulnerability/security research for ProCheckUp. In fact, it was the most active year in the history of the company for carrying out research.
A high number of advisory bulletins were published (20 in total), and some advisories feature more than one security vulnerability! In this issue we have selected the top 3 vulnerabilities of 2007. Read the top vulnerabilities here:
In the News
There have been several stories about vulnerabilities and hacking in the media which ProCheckUp staff have made comments. See the articles which caught our attention here, hope you enjoy them too!
Hack in the Box
We are delighted to say that this year, one of ProCheckUp’s consultants will be one of the guest speakers at the Hack in the Box conference, which is being held in Dubai. The conference enables the dissemination, discussion and sharing of deep knowledge network security information, read about ProCheckUp’s guest speaker and the conference here.
ProCheckUp held a User Group recently, which was the most successful one yet. David Armstrong from Royal Bank of Scotland came to give a talk on PCI, which gave a really good insight into PCI from an acquiring bank perspective. He also answered our members’ questions, which no doubt will prove extremely beneficial, especially with the compliancy deadlines fast approaching.
The next user group will be held earlier March, to take advantage of its many benefits, join here:
Increased Penetration Testing - To Reduce The Window Of Opportunity For Attackers
Good security practice dictates that a penetration test should be conducted at least annually (more frequently on mission critical systems) but does your organisation test when a significant change is made on an application? (e.g. for PCI DSS)
Quite often due to the expense and the time-consuming nature of arranging a third-party test more regular auditing doesn't take place. ProCheckUp provides a subscription service that allows companies to pre-purchase infrastructure and application tests for the year and then call them off on demand. Normally ProCheckUp can react with less than two days notice and in some cases instantaneously.
ProCheckUp's subscription service ensures a cost-effective, flexible approach which minimises unnecessary paperwork and allows companies to budget for penetration testing throughout the year.
For more information on this please call 020 7307 5001.
ProCheckUp held a User Group recently, which was the most successful one yet. David Armstrong from Royal Bank of Scotland came to give a talk on PCI, which gave a really good insight into PCI from an acquiring bank perspective. He also answered our members’ questions, which no doubt will prove extremely beneficial, especially with the compliancy deadlines fast approaching.
The next user group will be held earlier March, to take advantage of its many benefits, join here:
ProCheckUp are proud to announce they were awarded medallists in this year's BCS IT Industry Awards. The category they were given recognition in is the SME Organisation of the Year Award within the Organisational Excellence Awards. This award acknowledges professionalism, innovation and the outstanding achievements to which individuals and groups contribute.
