
Cyber insurance: A risky business
Cyber insurance. A risky business! As the frequency of cyber attacks increases and incident recovery becomes more expensive, it is important for businesses to have
DotSec - Do more business, more securely
What? It (still) doesn’t work (again)? Just a quick update to our most recent blog-post… Things do change so quickly on the interwebs you know!
When on earth did that happen? Can you imagine that a reputable organisation would deploy a business-critical security service without first designing and testing it,
It’s in the trees! It’s coming! * Since March, we’ve been very busy providing incident-response and recovery services for organisations that have fallen victim to
Good news! DotSec’s AOC for Service Providers saves you money! DotSec provides managed SIEM services to customers in a range of industries but as described
Dangling DNS records (part 3) – The final pluck! In the final (?) part of our investigation into dangling DNS records and the risk that
Dangling DNS records (part 2) – Still dangling! In our previous Dangling DNS records post, we examined the risks of leaving ‘dangling’ CNAME records pointing to
Dangling DNS records (part 1) – Abandon and despair! Recently, there has been some interesting news describing how attackers have been able to take over
Worried about sophisticated, state-based cyber actors? As you will be aware of by now, the Prime Minister warned Australians of “sophisticated, state-based cyber actors” targeting
DotSec is a professional cyber security organisation with over 23 years of national and international experience. Since the late 20th century, we have assisted national and international clients across most industry sectors. We also provide assistance to all tiers of government.
DotSec professionals have credentials including PCI Qualified Security Assessor (QSA), ISO 27001 lead implementer, and ISO 27001 lead auditor, and we provide ISO/IEC 27001 implementation and preparedness services. DotSec provides audit and remediation advice for APRA’s CPS 234 and ACCC’s CDR. We have assisted companies to become compliant with controls from the Information Security Manual (ISM) and Protective Security Policy Framework (PSPF).
DotSec is a Payment Card Industry (PCI) Qualified Security Assessor (QSA) company. This means we are qualified to assist and assess companies that collect, store or process credit card data.
DotSec provides Managed SIEM and Detection and Response (MSIEM/MDR) services to a range of organisations in the government, retail, legal and engineering/architecture sectors. We are also a PCI DSS-compliant service provider, which makes life much easier for our PCI DSS customers, since we can provide an Attestation of Compliance (AoC) upon request, reducing our customers’ reporting obligations.
When it comes to testing and assessment, DotSec can deliver all the services you require, including vulnerability assessment (and management), penetration testing, red/blue/purple teaming, adversary emulation, and endpoint (EDR/XDR) protection-evasion and testing.
And we frequently provide maturity assessment and (more importantly) improvement services against standards and frameworks including ISO/IEC 27001:2022, the ASD Essential Eight, the CIS Essential Controls and SOC 2.
DotSec cyber security – Do more business, more securely!