NCSC Feed
Provisioning and securing security certificates
5 years 8 months ago
How certificates should be initially provisioned, and how supporting infrastructure should be securely operated.
"Do what I mean!" - time to focus on developer intent
5 years 9 months ago
In this post I propose that the software development community should work on developing and then standardising security-related libraries that focus on what the developer is trying to achieve.
NCSC advice for Dixons Carphone plc customers
5 years 9 months ago
Advice for Dixons Carphone customers following its data breach.
Are security questions leaving a gap in your security?
5 years 9 months ago
Even the best authentication can't help you if there is an easy way to bypass it.
Cyber resilience - nothing to sneeze at
5 years 9 months ago
David K introduces the concept of cyber resilience, and the benefits it brings.
Protecting system administration with PAM
5 years 9 months ago
Remote system administration provides powerful and flexible access to systems and services.
Preparing for denial of service (DoS) attacks
5 years 9 months ago
It is not possible to fully mitigate the risk of a denial of service attack affecting your service, but there are some practical steps that will help you be prepared to respond, in the event your service is subjected to an attack.
Developing the cyber security profession – have your say!
5 years 9 months ago
Chris Ensor discusses the government's proposal to develop the cyber security profession in the UK.
Managing the risk of cloud-enabled products
5 years 9 months ago
Guidance outlining the risks of locally installed products interacting with cloud services, and suggestions to help organisations manage this risk.
GDPR security outcomes
5 years 9 months ago
This guidance describes a set of technical security outcomes that are considered to represent appropriate measures under the GDPR.
There's a hole in my bucket
5 years 10 months ago
...or 'Why do people leave sensitive data in unprotected AWS S3 buckets?'
Joint report on publicly available hacking tools
5 years 10 months ago
How to limit the effectiveness of tools commonly used by malicious actors.
NCSC advice for Marriott International customers
5 years 10 months ago
Advice for customers of Marriott International following the reports of a data breach.
Stepping up to multi-factor authentication
5 years 11 months ago
New guidance on implementing MFA to better secure online services
Phishing, spear phishing and whaling; does it change the price of phish?
5 years 11 months ago
Regardless of the type of phish, you'll still need multiple layers of defence to protect your organisation.
Making the UK the safest place to live and do business online
5 years 11 months ago
The NCSC's Chief Executive Ciaran Martin outlines why the UK needs a National Cyber Security Centre.
Application Development Guidance: Introduction
6 years ago
Guidance for risk assessors, and developers of applications which will be run on devices handling OFFICIAL data.
ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance
6 years ago
Guidance for those who want to understand and reduce the impact of the ROCA vulnerability.
Checked
4 hours 17 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed