Tried, Tested and Proven

Ransomware is a very topical threat to many organisations and individuals in today’s connected world. Recent high profile attacks on US hospitals have highlighted the damage this simple tactic can cause, along with the moral dilemma posed to the executives of the affected organisations. Whether you agree or disagree with some of the decisions made by the affected organisations, we can all conclude that ransomware poses some extremely complex moral and ethical questions for the victims themselves. Lets take a look at some of these complexities. Continue reading

Portcullis is proud to announce that we are official sponsor of the Securi-Tay V after party!

Securi-Tay V is an Information Security conference held by the Abertay Ethical Hacking Society and supported by Abertay University, Dundee.

The conference is now in its fifth year (hence the V), and is now a two day event held on February 26th and 27th, 2016.

Portcullis will be sponsoring the Securi-Tay V after party hosted at the Abertay Students’ Union.

In addition, we’re also pleased to announce that Portcullis will be sending not one, not two but three of our senior consultants to speak this year. The three presentations will be Graham Sutherland on detecting virtualised hosts, Jerzy Kramarz on insecurities in the SCADA world and Tim Brown on combining Red Teaming and DevOps. We hope you will enjoy.

Visit Securi-Tay’s web page to find more information about the event.

Following the announcements on 30th September 2015 of Cisco’s intention to acquire Portcullis, we are pleased to announce the deal has been formally completed and Portcullis is now part of the Cisco family.

Cisco has acquired the Portcullis entities in the UK, USA, Spain and France creating one of, if not the world’s largest security assurance teams. Portcullis joins the Security Advisory Services team and will form the nucleus of that team throughout EMEA and Russia.

More information on Cisco Advisory Services can be found here:


Paul Docherty, Co-Founder & Director

Where do I begin, today we celebrate our 23rd Birthday, we have gone through the growing pains, through the awkward teens and are now facing life as an adult. Its been quite a ride so far and, the truth is, we are just getting started.

The good ship Portcullis, privately owned and still steered by the founding directors; Mark Lane, Paul Docherty and Peter Edgeler, having spent most of its life moored up in the grange barn in Pinner (how I miss that barn) sailed the short distance to its new Dock at Portcullis House. Continue reading

We have all heard a great deal, for some time now, about the Internet of Things (IoT) revolution. To my simple mind IoT means machines talking to one another.

I Googled it and apparently the phrase was first coined by a Brit called Kevin Ashton in 1999. He is a tech entrepreneur who designs remote sensors and came up with the term to distinguish between data which is created by humans and then entered into computers, as opposed to computers collecting and swapping data without any need for our involvement. In the intervening years, IoT has rapidly taken shape with gadgets from phones to fridges and integrated itself into our daily lives.

Continue reading

For all the talk of foreign states hacking various organisations, criminal gangs seeking to monetise information and hacktivist groups, the truth is that most security incidents are caused by organisations’ own staff and normally they are trying to do something good for their employer. It is not malicious, it is just misguided and often is in line with company practice, culture or policy. Generally these incidents are small or near misses, but there are enough big ones to cause concern. Continue reading

Another year, another 44CON, a technical highlight in the security consultant’s calendar. Portcullis sent some of the Team to keep up to date on the latest attack vectors presented and to add to the pool of knowledge. Portcullis Penetration Tester James talks through his time at 44CON 2015. Continue reading