Remembering an old Internet banking vulnerability
The good old (Internet banking vulnerability) days! So a long time ago (25 years ago actually!) in a research centre not so far away, I helped
News and updates
Survey results: Security for Australian law firms 2022-23
2023 State of Cyber Maturity for Australian Law Firms The 2023 State of Cyber Maturity for Australian Law Firms survey invited legal professionals to share their
Hey nice business!
It’d be a shame if something happened to it! In the real, physical world, extortion is a real problem and across the world, certain gangs
Relax! it’s not my first time!
Oh for heavens sake! Can we all agree that the Optus event doesn’t really matter? I mean, it really does matter, of course! But still, it
Penetration testing stats from the past two years
Some penetration testing stats from the past two years It was the great Gordon Ramsay that said, “I don’t like looking back. I’m always constantly
Honing our blue team skills
Honing our blue team skills Cybersecurity is a never-ending game of cat and mouse that is played between attackers (who seek to damage or otherwise
Cyber insurance: A risky business
Cyber insurance. A risky business! As the frequency of cyber attacks increases and incident recovery becomes more expensive, it is important for businesses to have
It’s still borked? The amazing tale of the second breach
What? It (still) doesn’t work (again)? Just a quick update to our most recent blog-post… Things do change so quickly on the interwebs you know!
What? It’s borked? When on earth did that happen?
When on earth did that happen? Can you imagine that a reputable organisation would deploy a business-critical security service without first designing and testing it,
DotSec is a professional cyber security organisation with over 23 years of national and international experience. Since the late 20th century, we have assisted national and international clients across most industry sectors. We also provide assistance to all tiers of government.
DotSec professionals have credentials including PCI Qualified Security Assessor (QSA), ISO 27001 lead implementer, and ISO 27001 lead auditor, and we provide ISO/IEC 27001 implementation and preparedness services. DotSec provides audit and remediation advice for APRA’s CPS 234 and ACCC’s CDR. We have assisted companies to become compliant with controls from the Information Security Manual (ISM) and Protective Security Policy Framework (PSPF).
DotSec is a Payments Card Industry (PCI) Qualified Security Assessor (QSA) company. This means we are qualified to assist and assess companies that collect, store or process credit card data.
DotSec provides Managed SIEM and Detection and Response (MSIEM/MDR) services to a range of organisations in the government, retail, legal and engineering/architecture sectors. We are also a PCI DSS-compliant service provider, which makes life much easier for our PCI DSS customers, since we can provide an Attestation of Compliance (AoC) upon request, reducing our customers’ reporting obligations.
When it comes to testing and assessment, DotSec can deliver all the services you require, including vulnerability assessment (and management), penetration testing, red/blue/purple teaming, adversary emulation, and endpoint (EDR/XDR) protection-evasion and testing.
And we frequently provide maturity assessment and (more importantly) improvement services against standards and frameworks including ISO/IEC 27001:2022, the ASD Essential Eight, the CIS Essential Controls and SOC 2.
DotSec cyber security – Do more business, more securely!