OSM-S Logo

Blog

Choosing the right Penetration Testing Approach | Auswahl des richtigen Penetrationstest-Ansatzes
Services

Choosing the Right Penetration Testing Approach

In the ever-changing landscape of cybersecurity, organizations rely on penetration testing to assess the security of their digital infrastructure. This practice involves experts simulating real-world cyber attacks to identify vulnerabilities before malicious actors can exploit them. Over time, various methodologies have emerged to conduct penetration testing. Initially, experts performed traditional assessments, meticulously probing for weaknesses. Subsequently, bug bounty programs gained popularity, incentivizing individuals to discover and report vulnerabilities. Now, Penetration Testing as a Service (PTaaS) has emerged as a novel approach, offering continuous security assessments through subscription-based models. In this article, we’ll delve into these diverse penetration testing methodologies, examining their strengths and limitations. By understanding those 3 different approaches, organizations can make informed decisions to fortify their defenses against evolving cyber threats.

Read More »
Digital Operational Resilience Act (DORA)
Compliance

1 Year Until DORA: Comprehensive Guide for Financial Service Providers

As we stand at the threshold of January 2024, the clock is ticking for financial service providers across Europe. The Digital Operational Resilience Act (DORA) is set to come into full effect in January 2025, marking a significant shift in the regulatory landscape. This impending regulation underscores the critical importance of digital resilience in an era where cyber threats loom large and operational continuity is paramount. In this blog, we’ll delve into the essence of DORA, outline the key requirements it imposes on financial entities, and provide a strategic roadmap to ensure compliance within the one-year timeframe.

Read More »
A secure Cloud hovering over a Hand | Eine sichere Cloud über einer Hand
IT Security

Cloud Security

IT services in the cloud are becoming more and more popular these days. Many companies have already made their way to the cloud or are in the process of migrating their infrastructure to the cloud. Obviously, this offers a number of advantages: fast service delivery, high scalability, seemingly unlimited resources, and very high availability at a reasonable price. In addition, you do not have to purchase your own server hardware and do not have to maintain it. Despite all these advantages, the security of the company’s applications and data in the cloud should not be overlooked. Even if conventional security technologies cannot be integrated into the cloud solution so easily, the security objectives remain the same: preventing unauthorized access, preventing data loss and maintaining availability.

So, what needs to be considered when it comes to cloud security?

Read More »
Security is guaranteed
Research

IP Camera Security Horror

Would you like to buy a nice (and cheap) wireless surveillance camera to monitor your entrance or other areas of your property? That was exactly what I wanted and after doing some research I found hundreds of offers for wireless cameras with Wi-Fi, SD-Card Storage, Pan & Tilt functionality and much more between 20 and 60 Euros. These are sold through various websites and shops, most of them look quite similar and also offer more or less the same functionality. I randomly picked a model with the features I required and ordered it online. About 3 weeks later the package arrived, but while waiting for it I rethought the whole idea of buying security equipment from an unknown manufacturer called “e-scam” and planned for a small review before really putting it to use.

Read More »

Get In Touch

If you are interested in our services or just want to talk about Information Security, Risk or Compliance, just contact us!

Get a Quote!