Security research, practical guidance and lessons from the field.
Australian businesses are shipping AI chatbots and RAG features faster than they secure them. What can go wrong and how AI security testing works.
Auditors expect an independent pentest, but the requirement is smaller and cheaper than most SMBs fear. What counts as evidence and when to book it.
Pentest pricing depends on scope, and scope is something you control. What drives effort, black box versus grey box, and the questions a good provider asks.
SIDSECURE original research: a remote unauthenticated directory traversal vulnerability in Mettler Toledo IND780 Advanced Weighing Terminal OT systems.
What the Optus data breach teaches about API security: environment exposure, authentication, test data handling, and the case for API penetration testing.