Waarom HelloFlex group werk maakt van periodiek pentesten: “we kennen een hoog risicoprofiel”
- Case Study
Vandaag de dag is het, mede dankzij strenge privacywetgeving, steeds belangrijker om persoonsgegevens goed te beschermen tegen datalekken en misbruik. Meer en meer organisaties zijn dan ook op zoek naar een partner om de kwetsbaarheden in hun digitale producten bloot te leggen, zo ook HelloFlex group. We spraken hierover met Menno Methorst, Security Officer bij HelloFlex group.
Understanding the nuances: comparing vulnerability scanning and pentestingWhen talking with our customers, we often notice that some terms are used interchangeably. Often borrowed from English or used incorrectly over time, the distinction between a vulnerability scan and a pentest becomes blurry. In this article, we aim to provide clarity on these two important aspects of improving cyber security. Because there is a significant difference between the two. And not knowing the difference could have an impact on your cybersecurity policy.Read more
Comply or explain: European and Dutch regulations regarding information security
In the last couple of years, the importance of information security is recognized by businesses worldwide. Both the European Union and the Dutch state have introduced strict regulations to ensure the protection of personal data and sensitive, business critical, information. These measures can also mitigate the risk of cyber threats to your organization.
In this article, we discuss the importance of information security, basic measures you have to implement and the most important European and Dutch security laws and regulations, such as NIS2, Wbp, Wbni, NEN7510 and BIO. Moreover, we discuss how you can effectively comply with them
How pentesting in the cloud brings you closer to a 100% safe cyber security cloud environment
You might be familiar with this situation: you have a tip for your colleagues, but you struggle to explain it clearly. So, you quickly record a video to illustrate your point, right? At Dichterbij, they also value learning from each other, but these videos were usually shared via WhatsApp. Not entirely privacy-friendly and highly susceptible to data breaches. While WhatsApp provides end-to-end encryption, organizations have limited control over what happens to the information on their employees' mobile devices. Fortunately, Dichterbij found a solution in the form of an external tool that shares videos in a centralized cloud. However, CISO of Dichterbij, Patrick Thijssen, saw a risk in this approach: "By centralizing your information in a cloud, you become a 'honeypot' for cybercriminals." Hacksclusive was tasked to test any vulnerabilities in the system.