CYBX - Cyber Security

Our Services

The CYBX cyber security team based in Malvern, Worcestershire, offers products and services to help your organisation become more cyber resilient and better prepared against attacks.

Penetration Testing

Vulnerability Assessments

Cyber Consultancy

Cyber Awareness Training

Phishing Campaign

Secure Network Design

Our Work

We have taken cyber security very seriously and we chose CYBX as our supplier for training and guidance to obtain the required accreditation, which we did successfully and on time. We are full of praise for the CYBX team and nothing was too much trouble for them.

CYBX Customer

I knew I needed to get Cyber Essentials certification as part of the Government drive for better cyber security. Not having a large team or infrastructure to review, I didn’t really know where to start. CYBX team’s knowledge and professionalism made this a really simple process and I would highly recommend others make use of their services.

CYBX Customer

We were very pleased with the penetration testing conducted by CYBX. The software provided to CYBX had been protected using a third-party application, but CYBX immediately identified that part of this protection had not worked correctly. CYBX advised us of the situation, allowing us to correct the problem. Thankfully, CYBX were happy to receive the updated protection and resume the pen testing, in which they identified yet another shortcoming in the protection applied. Without the work of CYBX, it is quite possible sensitive IP could have been exposed.

CYBX Customer

Blog Posts

The latest cyber resilience related blogs by the CYBX team

GraphQL, a new option for API creation

As software engineers, we are extremely familiar with the core functionality of REST for APIs. Recently, a modern alternative, named GraphQL, has been developed to provide improved flexibility of queries when compared to the comparative static nature of REST APIs. GraphQL has been developed to mitigate the existing problem inherent within REST APIs, Overposting, where[…]

Breaches at scale – a look into BlueLeaks and protecting your data

Data breaches have always been an understandably worrying topic for most. The fear of having your information; your name, address, contact information or even credit card information is one of the largest concerns when considering digital security. In most recent events, nearly 270 gigabytes of data have been leaked and published in the latest release[…]

Permissions on mobile devices

Application permissions govern what the application can access on the mobile device. These are a protective barrier between the developer of the application and the sensitive information stored on the user’s device. When the user installs the application for the first time the application will ask for permission for a feature. For example, a map[…]

Managing and Monitoring your Network

This week, we will focus on ways that you can begin to integrate useful software into your network, especially as a small business, to help you keep an eye on your devices and services in real-time. Network Monitoring tools help you to track the status of your most important assets. This could be all your[…]

Insider Threat

Insider threat has been a long-standing concern amongst business, and there are important considerations from both an operational and a security perspective to manage, mitigate and respond to risk appropriately. This is not strictly limited to the employees currently in the business, but also those who have previously left. Insider threat is designed by any[…]

Mobile Application Security

Mobile Application security focuses on assessing the security posture of applications on various mobile device platforms (i.e. Android, iOS and Windows). Mobile applications are being utilised by businesses across the globe to organise workforces, improve customer service, increase revenue, and connect with users from around the world. Like computers and websites, mobile applications have their[…]

Encryption Technologies Explained

Encryption is used absolutely everywhere, and for many, there are a lot of burning questions. How does encryption work? What makes a ‘good’ encryption technology? How does it secure your data? These are all questions we receive on a regular basis. Encryption is an enormous subject area, and rightly so. While the concept, in practice,[…]

Risk of re-use: Password Security

This week is an ideal time to provide some insight and context for those who re-use the same password across multiple websites and services. We’ve touched on this topic previously, but a more thorough explanation may help you re-evaluate your existing password security. The risk with re-using passwords isn’t limited to the strength of the[…]

Security Attacks on COVID-19 research facilities

We’re seeing a substantial increase in the number of attacks against the COVID-19 supply chain, with a significant focus placed on those producing vaccines. A recent report by the UK National Cyber Security Centre (NCSC) provides advisories on identifying and mitigating the attack vectors used to compromise systems for data exfiltration. Investigation by NCSC and[…]

Integrating Security into your Development Pipelines

Implementing security into an already established and successful development pipelines can be both difficult and intensive. However, ensuring that product delivery also encompasses security through relevant testing is vital for continuous improvement. Our article this week will focus on how you can begin to review and implement security testing into your development pipelines, and how[…]

Previous Next

Contact Us

STAY IN TOUCH

Sign up for email updates on CYBX news & services. Our monthly newsletter includes helpful hints & tips to you improve your cyber resilience

CYBX is the borwell brand for its Cyber Security team, services and products.