Blog – Innoculator

Is Vulnerability Management Broken?

25/11/2024 9:12 pm No Comments

In today’s IT landscape, organizations face a relentless range of cyber threats. To counter these, vulnerability management has become a cornerstone of good cybersecurity management.

The Illusion of Security: How Rules of Engagement Can Mislead

04/11/2024 11:45 pm No Comments

In the realm of cybersecurity pen-testing, the Rules of Engagement (ROE) are pivotal for structured, ethical hacking and vulnerability assessments. They specify what can and

The Challenges of Securing Acquired Environments Post-M&A

21/10/2024 3:59 am No Comments

Mergers and Acquisitions (M&A) are complex undertakings with significant strategic and operational benefits. However, they also bring with them a host of cybersecurity challenges, particularly

The Conundrum of Legacy Applications

08/10/2024 2:43 am No Comments

Legacy applications are software systems that have been in use for a long time and are based on outdated/ unpatched software. Despite their age, these

Recent Events & the Patch Gap

29/07/2024 11:28 pm No Comments

Let me be clear this isn’t a blog about apportioning blame to anyone. These sort of events have happened multiple times in the past, perhaps

Navigating the Rapid Exploitation of POC Code and LotL (Living off the Land) Techniques

18/06/2024 1:27 am No Comments

Organisations are grappling with the rapid discovery and disclosure of vulnerabilities, creating a complex environment for maintaining their cyber posture. The increasing number of vulnerabilities

Who to Blame? – PR and a Cyber Breach Blame Evolution

03/06/2024 9:58 pm No Comments

Having worked in cyber security for a very long time it has always been an interest to us when we see a data breach get

The Joys of Honeypotting

20/05/2024 11:06 pm No Comments

Time to talk about one of my favourite concepts in cyber security- Honeypots. I don’t know why, but the idea of honeypotting an attacker has

The Impact of Java Applications: Lessons from High-Profile Breaches

06/05/2024 5:04 pm No Comments

Organisations often choose Java for their applications due to its platform independence, robustness, scalability, and extensive ecosystem of libraries and frameworks. This widespread usage makes

Mind the Patch Gap

22/04/2024 10:04 pm No Comments

Its time to discuss what tends to be overlooked when it comes to cyber defences for an organisation. What is known in the industry as

Know your Signatures

09/04/2024 12:01 am No Comments

Lets start at the basics, Network IPS and IDS – Intrusion Prevention and Detection. IPS usually sits inline with the traffic flow and allows packets

Accepting the Risk

25/03/2024 10:26 pm No Comments

In the cyber security industry a phrase gets used when looking at legacy applications – “Accept the Risk”. This is often said when it comes

Thoughts on Healthcare and Legacy Systems

11/03/2024 10:15 pm No Comments

In the realm of healthcare, where the stakes involve not just the operational efficiency of providers but the very well-being and privacy of patients, the

Too many JVM’s – The Java Security Challenge

27/02/2024 10:42 pm No Comments

Understanding the JVM and Security Implications In the realm of application development, Java has long stood as a stalwart, known for its platform independence and

We Need to Talk about Log4J

12/02/2024 9:53 pm No Comments

CVE-2021-44228 (AKA Log4J) was released in December 2021, and remains one of the most exploited vulnerabilities still 2 years later! How can this be? What

Innoculator

Our Blog