NTA Monitor

Latest News

Living with threats

1st August 2010 Back in 2004, Bill Gates predicted that spam would be a thing of the past within two years. As we all know now, and quite a lot of people predicted at the time, far from being a solved problem, the volume of spam has continued to increase. Read More

Web application security goes from bad to worse in many sectors

27th July 2010 NTA Monitor's 2010 Annual Web Application Security Report analysed the data gathered from web application security tests performed for a wide range of industry sectors over a 12-month period... Read More

IT Managers get to grips with Internet security issues

4th May 2010 According to NTA Monitor's 2010 Annual Security Report, the average number of Internet security vulnerabilities afflicting organisations has fallen.. Read More

Responsible Patching

1st January 2010 Microsoft's response to the "zero day" exploit that was used in the cyber attacks against Google shows that software vendors still have a lot to learn when it comes to responding to vulnerabilities. Read More

From the Perimeter

A quarterly newsletter, addressing the latest news and views from your leading IT Security Consultancy, NTA Monitor.

Browse previous Industry Comments

Living with threats

Back in 2004, Bill Gates predicted that spam would be a thing of the past within two years. As we all know now, and quite a lot of people predicted at the time, far from being a solved problem, the volume of spam has continued to increase. 1st August 2010 Read More

Responsible Patching

Microsoft's response to the "zero day" exploit that was used in the cyber attacks against Google shows that software vendors still have a lot to learn when it comes to responding to vulnerabilities. 1st January 2010 Read More

Will IE6 be the next NT4?

All penetration testers will remember the long tail of Windows NT 4.0, and how this operating system continued to be used long past the point when security updates stopped at the end of 2004. For many years the presence of an unpatchable NT4 server was a common issue in a penetration test report, and it is only now, almost five years after security support ended, that finding an NT4 system on a network is becoming a rare event. 1st October 2009 Read More

The Return of the Insider Threat

When NTA started security testing twelve years ago, the main focus was on the insider threat. There were many reports with statistics showing that most security breaches were due to insiders. By contrast there was very little focus on the external threat via Internet and third-party network links. Back then many companies did not even have a firewall. 1st July 2009 Read More

The rise of information security compliance and regulation

The increase in information security compliance regulations shows no signs of slowing down as more and more business sectors are being required to comply with some form of information security regulations. Whereas a few years ago compliance was only a big issue for central government and the financial services industry, now retailers and local government are affected through PCI DSS and CoCo, and many companies need to ensure that their suppliers are compliant as well. 1st April 2009 Read More

The continuing problem of data loss

The reports of data loss incidents keep coming in. It seems that despite the huge publicity over the past year, loss of sensitive information is still happening at an alarming rate. 1st January 2009 Read More

Network Equipment Patching

Most organisations already have a policy in place for patching their servers and workstations. However, it is still apparent that many organisations do not patch their network equipment at all. In fact, those that regularly patch their networking infrastructure are in the minority. 1st July 2008 Read More

Forensic Readiness

Forensic examinations are often performed after an incident has occurred. Invariably, one of the lessons learned as a result of these investigations is that the audit logs could be improved to make any future investigation easier and more productive. 1st April 2008 Read More

UK Penetration testing accreditation

Accreditation for penetration testing companies and individuals is set to change this year, as two new certifications are now on offer: CREST and Tiger. The long-established and well respected CHECK certification will continue to be offered by CESG. 1st January 2008 Read More

The limitations of reactive patching

We're all aware of the huge numbers of patches that are being issued to fix security flaws, but these patches are invariably developed as a response to a vulnerability that's been discovered by a researcher or exploited by attackers. We see very little proactive patching based on generic issues or vulnerabilities that are known to affect other vendors' products. In short, vendors do not look beyond their own implementation when it comes to patching flaws and as a result, the products have avoidable vulnerabilities. 1st October 2007 Read More

Sign up to receive NTA's quarterly newsletter, From the Perimeter:

Fields in bold are required.

Contact details
Company details