Bastion Security Group

Ben C. has put together some interesting thoughts on what impact Quantum computing will have on encryption in the future. #CyberSecurity #QuantumComputing

We are now a PCI 3DS Assessor company, in addition to being a PCI Qualified Security Assessor (QSA) Company, with Kin-Ming Looi as our initial PCI 3DS Assessor. 3DS (or Three Domain Secure or 3-D Secure) is a protocol designed to provide an additional security layer for online credit and debit card transactions, protecting against fraudulent actors. It allows cardholders to authenticate themselves with their card issuers when making Card Not Present (CNP) e-commerce purchases, helping prevent unauthorized CNP transactions and protecting cardholders and merchants from fraudulent purchases. PCI 3DS is part of the PCI family of standards, related to but separate from the more widely known PCI Data Security Standard (PCI DSS). While we became PCI 3DS assessors in response to a specific client requirement, it also represents an exciting new service area for us. Please contact us at [email protected] to hear about how we can help with your 3DS (or any other PCI) requirements. #PCI #CyberSecurity

This week Ahmed Ali has joined our team as a Principal Security Architect, in our Auckland Office. 🎉 With his extensive experience and deep expertise in cybersecurity, Ahmed will play a pivotal role in strengthening our capabilities and driving innovation across our security engineering practice. Ahmed brings a wealth of knowledge in security architecture and implementation, cloud security, network security, security detection and response as well as Identity and access management and a proven track record of delivering impactful solutions for complex security challenges. We’re excited to have Ahmed on board as we continue to help our clients navigate today’s evolving threat landscape and build secure, resilient environments. #Cybersecurity #Leadership #NewHire #Auckland #SecurityArchitecture #Welcome

This is one of the rewarding parts of the work we do and the team are always eager to share their knowledge and experience with students. If you're involved with a school / kura and would like to discuss running a similar session get in touch with Justina Koh #cybersecurity #outreach

This week Ian D. and his team walk us through one of the hidden pitfalls of browser synchronisation and how it caused an incident for one of our clients. #infosec #technology #cybersecurity

We're excited to sponsor OWASP day again this year, the team have a booth setup at the conference, if you're attending swing past and say hi! #owasp #appsec

This week we're speaking at 1st Tuesday Auckland where Simon Howard, James Fitzsimons and Ian D. will walk through the different phases of an attack. Unpacked: The Anatomy of responding to a Remote Access Attack Join us as we dissect the anatomy of a remote access attack from multiple perspectives. From the crucial stage of detection using threat intelligence, to exploring the processes a SOC analyst goes through to respond and contain using Endpoint Detection and Response (EDR) systems to finally the intricate details of forensic post incident analysis. Each speaker will bring a unique perspective and insight based on their years of experience in the field.

Our Auckland team is expanding and with that comes the need for more space! Last night we celebrated the opening of our new Auckland office. It was awesome to have many of our clients join us to mark the occasion. With such a diverse group from a variety of industries there were great conversations had, and a few war stories told as the night went on. If you're in Auckland and want to discuss how Bastion can help your organisation, or you would like a coffee and a tour of the new space, then get in touch with Sam Shute or Sinan Dalgic.

Eleanor Wright from our Tech team has put together this article covering the core concepts of malware and what to consider when developing prevention strategies. If you're looking to defend against malware, Bastion has a range of services from phishing campaigns, education and awareness, technical testing and assurance through to our Cassini threat intelligence service and managed EDR. Get in touch today if you'd like to discuss how we can help.

Sometimes, remote forensic acquisitions are just not meant to be, like peanut butter and jelly sandwiches. But that’s okay; we can revert to using traditional forensic methods. As seen above, a hardware-based write blocker will prevent data from the acquisition laptop being written back to the NVMe ‘suspect’ storage. The OpenText Tableau Forensic PCIe Bridge, along with the SATA/IDE and USB bridges, are tucked up within our onsite imaging kits, ready to hit the town as and when required, strategically placed across the country. Whether it’s an overt copy job or covert, we’re ready. Preservation is key, and we will follow the best-evidence approach when appropriate. As experts in this field, we understand what it takes to do things right. We can provide court-ready materials and give evidence if required. #DFIR #Forensics #investigations #expertwitness