NTA Monitor

Latest News

New version of network scanning tool arp-scan released

15th March 2011 A new version of a respected and popular network scanning tool has been released. Read More

Tests show rise in number of vulnerabilities affecting web applications with SQL Injection and XSS most common flaws

1st March 2011 SQL injection and cross-site scripting (XSS) were the most common flaws found in web applications in 2010 according to results from tests carried out by NTA Monitor. Read More

Assess risk to manage effects of budget cuts

9th February 2011 Signs of economic recovery may be appearing in some industries, but for most organisations - particularly in the public sector - budget cuts and cost savings are here to stay for the foreseeable future. Read More

"Basic security threats not changed in 15 years"

1st February 2011 There may have been significant technological advances to the hardware and software organisations use, but according to Roy Hills, who co-founded NTA Monitor in 1996, the basic security threats have not changed in the last 15 years. Read More

From the Perimeter

A quarterly newsletter, addressing the latest news and views from your leading IT Security Consultancy, NTA Monitor. Sign up to our newsletter for the latest industry insight and comment.

Browse previous Industry Comments

Getting the Big Picture from a penetration test report

Many people view a penetration test report as a list of deficiencies to be passed to the appropriate departments for fixing. 1st November 2010 Read More

Living with threats

Back in 2004, Bill Gates predicted that spam would be a thing of the past within two years. As we all know now, and quite a lot of people predicted at the time, far from being a solved problem, the volume of spam has continued to increase. 1st August 2010 Read More

Responsible Patching

Microsoft's response to the "zero day" exploit that was used in the cyber attacks against Google shows that software vendors still have a lot to learn when it comes to responding to vulnerabilities. 1st January 2010 Read More

Will IE6 be the next NT4?

All penetration testers will remember the long tail of Windows NT 4.0, and how this operating system continued to be used long past the point when security updates stopped at the end of 2004. For many years the presence of an unpatchable NT4 server was a common issue in a penetration test report, and it is only now, almost five years after security support ended, that finding an NT4 system on a network is becoming a rare event. 1st October 2009 Read More

The Return of the Insider Threat

When NTA started security testing twelve years ago, the main focus was on the insider threat. There were many reports with statistics showing that most security breaches were due to insiders. By contrast there was very little focus on the external threat via Internet and third-party network links. Back then many companies did not even have a firewall. 1st July 2009 Read More

The rise of information security compliance and regulation

The increase in information security compliance regulations shows no signs of slowing down as more and more business sectors are being required to comply with some form of information security regulations. Whereas a few years ago compliance was only a big issue for central government and the financial services industry, now retailers and local government are affected through PCI DSS and CoCo, and many companies need to ensure that their suppliers are compliant as well. 1st April 2009 Read More

The continuing problem of data loss

The reports of data loss incidents keep coming in. It seems that despite the huge publicity over the past year, loss of sensitive information is still happening at an alarming rate. 1st January 2009 Read More

Network Equipment Patching

Most organisations already have a policy in place for patching their servers and workstations. However, it is still apparent that many organisations do not patch their network equipment at all. In fact, those that regularly patch their networking infrastructure are in the minority. 1st July 2008 Read More

Forensic Readiness

Forensic examinations are often performed after an incident has occurred. Invariably, one of the lessons learned as a result of these investigations is that the audit logs could be improved to make any future investigation easier and more productive. 1st April 2008 Read More

UK Penetration testing accreditation

Accreditation for penetration testing companies and individuals is set to change this year, as two new certifications are now on offer: CREST and Tiger. The long-established and well respected CHECK certification will continue to be offered by CESG. 1st January 2008 Read More

Sign up to receive NTA's quarterly newsletter, From the Perimeter:

Fields in bold are required.

Contact details
Company details