Akimbo Core are a Penetration Testing company offering world leading cybersecurity testing services, as well as cybersecurity training and consultancy, with our team of UK experts.
When it comes to locking down systems, there's a lot to keep track of and it's easy to miss something. Plus with so many different options for approaching cybersecurity, it can be difficult to know what is the best approach to achieve your goals. Our Penetration Testing service can give you confidence in your security stance. We'll work with your team, to tailor our approach to what you're trying to achieve.
With many companies now relying heavily on web and mobile applications the impact of a security vulnerability in one of these systems can be devastating. We offer testing for web technologies, covering everything from simple brochure websites to complex web applications and Application Programming Interfaces (API).
Whether you're looking to secure an on-prem internal network or your external infrastructure services. We can perform security testing of your systems. These reviews can cover internet-based threats, or the risks from guests, visitors, and disgruntled staff.
With so many companies moving workloads to major cloud platforms such as Azure and AWS, it's important to keep on top of your cloud security. We offer cybersecurity testing against cloud hosted applications, and infrastructure, as well as the cloud configuration itself.
WiFi networks are just another weak point in networks that can be targeted by attackers. We can review the configuration, encryption, and signal bleed of wireless networks to ensure that they're hardened against attack. As well as performing segmentation attacks to jump between networks.
Many organisations networks are configured to rely on strong perimeters; if your firewall is poorly configured then attackers may target services thought to be protected. Firewall reviews ensure that the device and its ruleset are properly hardened.
Our Security Review services help organisations ensure that their approach to cybersecurity covers all the key details needed to keep their organisation safe. These are not penetration testing services, but instead are open-book reviews designed to highlight weaknesses within your approach and offer guidance on improving your security maturity.
Staff leaving laptops unlocked over lunch or unattended on trains. What's the worst that can happen? We can review device builds to ensure they are secured against local vulnerabilities such as privilege escalation and that staff members can only access the resources they're authorised to.
We review your security stance in four key objectives against incidents of best practice, to provide an action plan of improvements to increase your overall security maturity.
Active Directory is a critical part of most organisations network security, as it controls authentication and authorisation across the network – we'll help ensure that it's locked down.
If you'd like to talk to the team about cybersecurity testing, get in touch below:
A couple of years ago I wrote an article about hashcracking with Hashcat and AWS; but that was back on Ubuntu 16.04 and it involved manually compiling the packages. So I thought I’d best update it for Ubuntu 22.04 and why not use the Nvidia ubuntu repos to make things easier too.Read More
First of all, what is username enumeration? It is when a web application has a feature that allows a user to supply a username and the application will disclose (not necessarily intentionally) if the username is valid or not. This is closely related to Username Disclosure, except in the latter the application is including valid usernames in server responses in some way, which allows an attacker to determine a username is valid without having to specify it first themselves. Both of these are an issue and both should be addressed.Read More
An authentication factor is something that is supplied to verify an identity – the most common example of an authentication factor is a password, a secret word used to authenticate yourself for access to an account. Multi-factor authentication is the requirement to supply several factors during authentication. This is often called “Two Factor Authentication” (2FA) as, most commonly, two factors are required, but it could, in some instances, be more and so MFA is the more general term.Read More
With modern platforms such as WordPress, WooCommerce, Magento, and Shopify, it’s now easier than ever to create an online store. However, many online retailers are not cybersecurity experts and might not be sure where to get started with securing their site.Read More
After publishing yesterday’s article about how frequently you should get a penetration test, I inadvertently started a discussion on Twitter about another aspect of penetration testing delivery: Should you change providers, or you should stick with who you know?Read More
Choosing a PenTesting provider can be difficult, how do you know if they’re good at what they do and they’ll make working together easy? Perhaps you have a provider already, but they’ve not lived up to your expectations.
Since choosing a testing provider is a critical part of your cybersecurity strategy, we’ve added a few things to consider here. We’re also available for advice and help if you’ve got questions about testing in general or how to get started with your strategy.Read More