Pen Test Partners

Preparing for the EU Cyber Resilience Act (CRA)

TL;DR Raising the baseline for product security Product security has matured significantly over the last decade. Secure ...
Pen Test Partners

Compromising a multi-cloud environment from a single exposed secret

TL;DR Introduction In practice, it is still hard to keep secrets safe in the cloud. All major cloud service providers have ...
Pen Test Partners

Carlsberg… probably not the best cybersecurity in the world

TL;DR The exhibition My Wife and I visited the Carlsberg exhibition in Copenhagen in August 2025 and we were given wristbands ...
Pen Test Partners

PCI London Summit 2026

Our Paul Brennecker and Charles Hunter will be attending.
pentestpartners.com

In the News

Unit 2, Verney Junction Business Park, ...
Pen Test PartnersOpinion

AI noise and the effect it’s having on vulnerability disclosure programs

Managing vulnerability reports is difficult for an organisation.  In an ideal world, something like this happens: Everyone is ...
pentestpartners.com

Pwning WordPress GraphQL

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher or another uncovers a vulnerability in a ...
pentestpartners.com

Using AI Chatbots to examine leaked data

AI is proving to be a useful companion for analysing data at scale for forensic examiners (data that is already publicly available if not privately hosted). This involves building an AI chatbot system ...
pentestpartners.com

Pwning CCTV cameras

CCTV is ubiquitous in the UK. A recent study estimates there are about 1.85m cameras across the UK – most in private premises. Most of those cameras will be connected to some kind of recording device, ...