Identify your IoT vulnerabilities with our penetration testing and cybersecurity services.
Use our services to develop your cyber security and defend your client's world.
We help organisations to identify, evaluate, mitigate & respond to cyber threats.
Together, we can demystify cyber security in a way that is actually useful for you.
We help your organisation's security by: educating all those involved; determining the vulnerabilities in your technology; and helping you proritise and understand your improvements.
We keep the context of your organisation dead-centre, so you get advice and analysis that actually makes sense for you.
Working together regularly means the benefits are distributed throughout the organisation in a cost-effective manner.
The principals of what we teach can be applied many times on many different systems - there is little point in us telling you the same thing over and over.
Every person, every computer, every digital service and every connected thing from every country on this planet (and those in orbit) are targets for the bad guys
If they can target you, so should we.
They are all targets because, by volume, the majority of cyber attacks world-wide are launched in an untargeted fashion. It is also why we work with any organisation, regardless of size, industry and risk-levels: they all need protecting.
Simply put, these attacks are those that aren't aimed at a particular organisation or person. As a large amount of IoT devices are regularly exposed to the Internet, attackers can use automated tools to search for and exploit devices that have a known vulnerability. This is a classic untargeted IoT attack.
We are an information and cyber security consultancy - our business cards call us "Consultant Hackers". We do cool things with awesome tech whenever possible, however, we also know that the vast majority of what needs protecting is actually normal stuff for businesses, like yours, far and wide.
The Internet of Things (IoT) is increasingly prevalent in our everyday lives. These devices range hugely in their importance and complexity and so do their security requirements. Our skilled team attacks IoT systems from many approaches, including attack surface assessments, reverse engineering, protocol analysis, and attacks against alternative wireless technologies such as ZigBee, Z-Wave, Bluetooth and LoraWAN.
Industrial Control Systems (ICS) consist of many devices working as part of a larger operation. Individual ICS devices are typically very simple and have primitive levels of security. As these devices are networked a breach at one point in the system has a serious impact. Assessments of ICS involve understanding the vulnerabilities of each individual component and the potential impact of different types of breach.
IoT might seem like a little thing neatly tucked away in the corner of your living room, but actually, there are often stacks of technology in the background. We simulate attacks from over the Internet to your externally-facing infrastructure, as well as from trusted locations such as your office against the soft gooey internall-facing infrastructure to work out how resilient your IT systems are. Once you know what the problems are, they can be fixed.
Most IoT devices have an App or a web site to control them. Applications of all types can be highly complex and so deserve a concentrated assessment. If you publish applications or have custom applications written for you, this is particularly important as it is probably holding data that is critical to your success.
Some people would call us "sad" - typically we've been programming since we were less than ten years old and we tend to have the slightly clichéd teenage experience of going to secondary school and challenging the security capabilities of computer systems there.
One of us is fortunate enough to have an MSc in Software and Systems Security at the University of Oxford, (achieving a distinction grade both in the eyes of the university and those of GCHQ as they accredited the course, but we don't talk about that as they might get a big head).
It is important to constantly develop your skill set as a penetration tester, so we all have our own little mini crusade to gain further training and qualifications, hang-out at hacking conferences, and even go co-author books on penetration testing.
By now, you either know you want to work with us, or have more questions, either way you should get in touch. These are some of the methods you can use:
Email us: helpme@yg.ht
Call us: +44 161 398 0703
Our laboratory's snail mail address is:
13.01 Arrive, Blue Tower, MediaCityUK, M50 2ST
What3Words: ///reward.paint.towers
If you want to speak with us straight away, our office opening hours are Monday to Friday 9 am to 5pm UK time and we don't open on bank holidays.
If all else fails or an apocalyptic event occurs we will get out the CB radio.
We don't yet have a fleet of carrier pigeons but this could also be arranged.