Helping organisations focus cyber security efforts and resource on quantified, factual information rather than the wider ‘threat-mania’ industry view.

About Secrutiny

Organisations have become caught in a cycle of annual technology additions and a ‘strength in depth’ belief fed by messages of the volumes of threats that need defensive action propagated by vendors and the media.

Secrutiny has a very different approach…

We offer businesses a way to determine their cyber security risk and exposure, empowering organisations to inform and evidence security improvement priorities, leveraging current investments to secure themselves and augmenting with product only where appropriate.

Our Services

Cyber Risk Audit

Provides valuable insight into your current posture and hygiene to identify risk.

By getting control of hygiene, posture and risk, organisations can embed security within IT operations, rather than as an overlay, significantly reducing the attack surface.

Patrol Managed Services

Provides protection, detection & control capabilities for both operational and technical cyber risks.

Incident Response

When anomalous activity or Indicators of Compromise (IOC’s) are identified, Secrutiny can provide remote and on-site investigation within hours of engagement to significantly reduce the impact of an incident on your organisation.

Case Study

CYBER SECURITY IN LEGAL

Discover how a top 100 UK law firm moved to a risk reduction security model after realising the importance of IT hygiene, policy enforcement and user education when they fell victim to a targeted attack.
{
Secrutiny were able to quickly establish the root cause of the attack, raising a level of confidence within our team that undoubtedly helped us achieve a successful outcome.

Head of IT

{

Careers at Secrutiny

Marketing Assistant

Department

Marketing

Contract

Permanent

Experience

Qualified

}

Hours

Full Time

Location

Head Office

Pay

£20-£22k

Consultant Engineer

Department

Engineering

Contract

Permanent

Experience

Qualified with 1+ years experience

}

Hours

Full Time

Location

Head Office & Customer Sites

Pay

TBA

Cyber Security Development Engineer

Department

Security Operations

Contract

Permanent

Experience

Qualified

}

Hours

Full Time

Location

Head Office

Pay

TBA

Intern and Graduate Roles

Department

Service Desk

Contract

Full Time and Placement

Experience

Qualified and Students

}

Hours

Full Time

Location

Head Office

Pay

TBA

Secrutiny Blog

Shodan: The Search Engine for the Internet of Things

Shodan is a free security tool helping defenders keep track of all the computers on their network that are directly accessible from the Internet. Shodan makes it easy to search a subnet or domain for connected devices, open ports, default credentials, even known vulnerabilities.

Same Old File Types, Brand New Spam Campaigns

Spam and phishing campaigns remain a firm favourite infection vector for malicious actors but cybercriminals appear to be expanding the file types they abuse in an effort to find more effective ways to distribute malware.

Researchers Report Vulnerability in Microsoft Word Online Video Feature

Researchers at Automated Breach and Attack Simulation solution provider Cymulate have reportedly found a vulnerability in Microsoft Word’s online video feature that allows threat actors to replace legitimate YouTube iframe code with malicious HTML/JavaScript code.

New RTF-Based Campaign Distributing Agent Tesla and Loki Trojans

A new RTF-based campaign has been discovered by researchers at Cisco Talos that is distributing two different sophisticated information stealing trojans: ‘Agent Tesla’ and ‘Loki’, that has slipped under the radar of common anti-virus solutions. Learn more…

Surge in PowerShell Malware Infections from Phishing Campaign

Last week Secrutiny Analysts investigated suspicious emails sent to multiple employees within an organisation. The phishing emails could easily have been mistaken for genuine emails since it included the correct name and details of the victims. However, upon closer inspection, the emails were found to not be targeted at the organisation but part of an ongoing campaign using PowerShell. Learn more…

Rig Exploit Kit Is Back and up to No Good Again

RIG Exploit kit (currently the most used exploit kit) is now back, in its fourth upgraded version, and it’s up to no good again. Over the last few weeks, security analysts have been observing a rootkit named CEIDPageLock being distributed by the RIG Exploit kit.