CYBX - Cyber Security

Our Services

The CYBX cyber security team based in Malvern, Worcestershire, offers products and services to help your organisation become more cyber resilient and better prepared against attacks.

Penetration Testing

Vulnerability Assessments

Cyber Consultancy

Cyber Awareness Training

Phishing Campaign

Secure Network Design

Our Work

We have taken cyber security very seriously and we chose CYBX as our supplier for training and guidance to obtain the required accreditation, which we did successfully and on time. We are full of praise for the CYBX team and nothing was too much trouble for them.

CYBX Customer

I knew I needed to get Cyber Essentials certification as part of the Government drive for better cyber security. Not having a large team or infrastructure to review, I didn’t really know where to start. CYBX team’s knowledge and professionalism made this a really simple process and I would highly recommend others make use of their services.

CYBX Customer

We were very pleased with the penetration testing conducted by CYBX. The software provided to CYBX had been protected using a third-party application, but CYBX immediately identified that part of this protection had not worked correctly. CYBX advised us of the situation, allowing us to correct the problem. Thankfully, CYBX were happy to receive the updated protection and resume the pen testing, in which they identified yet another shortcoming in the protection applied. Without the work of CYBX, it is quite possible sensitive IP could have been exposed.

CYBX Customer

Blog Posts

The latest cyber resilience related blogs by the CYBX team

Encryption Technologies Explained

Encryption is used absolutely everywhere, and for many, there are a lot of burning questions. How does encryption work? What makes a ‘good’ encryption technology? How does it secure your data? These are all questions we receive on a regular basis. Encryption is an enormous subject area, and rightly so. While the concept, in practice,[…]

Risk of re-use: Password Security

This week is an ideal time to provide some insight and context for those who re-use the same password across multiple websites and services. We’ve touched on this topic previously, but a more thorough explanation may help you re-evaluate your existing password security. The risk with re-using passwords isn’t limited to the strength of the[…]

Security Attacks on COVID-19 research facilities

We’re seeing a substantial increase in the number of attacks against the COVID-19 supply chain, with a significant focus placed on those producing vaccines. A recent report by the UK National Cyber Security Centre (NCSC) provides advisories on identifying and mitigating the attack vectors used to compromise systems for data exfiltration. Investigation by NCSC and[…]

Integrating Security into your Development Pipelines

Implementing security into an already established and successful development pipelines can be both difficult and intensive. However, ensuring that product delivery also encompasses security through relevant testing is vital for continuous improvement. Our article this week will focus on how you can begin to review and implement security testing into your development pipelines, and how[…]

Use your downtime to upskill

Our article this week is going to touch on the lighter side of the current situation. Now that we are all adjusting to working remotely, it is worth taking a moment to upskill and consider the opportunities that you’re faced with. Whether it’s the elimination of your commuting time, more availability in the evenings, or[…]

Security in your Software Development Lifecycle

Your software development lifecycle likely includes some form of Quality Assurance testing. QA testing is an excellent strategy to demonstrate your application works as intended and meets all key requirements your client has specified. Implementing security into your development lifecycle can seem daunting. However, secure design, assurance to your client, improved reputation are invaluable payoffs.[…]

Botnets, Credential Stuffing and mitigation

Dark_Nexus Botnet BitDefender researchers have recently identified a new botnet, dubbed “dark_nexus”. This botnet is similar to the Mirai botnet from back in 2016, but instead targets IoT devices to perform distributed denial of service (DDoS) attacks. This botnet grows primarily by using credentials stuffing attacks against different types of devices such as routers, video[…]

Backups: tips from the team

Our article focuses on some important ideas for how to implement your own backup strategy or refine your existing processes to protect your data. When faced with technical failure or an attack, be it against your business or personal network, having a set of data you can access to recover any lost data is the[…]

Confidentiality, Availability and Integrity

Confidentiality, availability and integrity, known as the CIA triad, are considered the most crucial parts of security. Confidentiality – is the assurance the information is not disclosed to unauthorised individuals, processes or devices while making sure authorised personnel can. The confidentiality of data can be adhered to by utilising strong complex passwords, two-factor authentication and[…]

Event logs

Event logs are detailed records containing information relating to what occurred on the device. A log entry is created for every event and application notification on a device within the network and are often categorised with a severity level ranging from information through to critical. Windows event logs can be utilised by the network administrators[…]

Previous Next

Contact Us

STAY IN TOUCH

Sign up for email updates on CYBX news & services. Our monthly newsletter includes helpful hints & tips to you improve your cyber resilience

CYBX is the borwell brand for its Cyber Security team, services and products.