Precursor Security

Welcome to the world of cybersecurity and penetration expertise with Precursor Security. As the driving force behind our commitment to fortifying the digital landscape, we stand as a collective embodiment of experience, innovation, and a shared dedication to online safety.

About Precursor Security

At Precursor Security, our mission is not only to secure digital systems but also to empower users through knowledge. With a combined background in various fields such as computer science, ethical hacking, and network security, our team is relentlessly focused on staying ahead of cyber threats.

Led by a vision to make cybersecurity accessible to all, we present an array of insightful blog posts, informative articles, and engaging content. Our goal is to demystify the complexities of cybersecurity, providing individuals with the tools and knowledge necessary to navigate the digital landscape securely.

Join us in understanding the fundamentals of online safety – from crafting robust passwords to navigating the dynamic world of cyber threats.

Take a look at my latest articles:

February 15, 2024


MITRE, the creators the popular ATT&CK Framework release version 15, with a key focus on detection engineering, visibility and ICS.

February 15, 2024

Tracking malware delivered by SEO Poisoning targeting multiple sectors in UK & EU (Precursor Security SOC)

The Precursor SOC responded to a major cyber incident where the root cause was targeted SEO poisoning. Further investigations uncovered a sophisticated campaign targeting key business sectors in the UK & EU.

February 15, 2024

Vulnerability Remediation - Do Not Forget Regression Testing

Extensive regression test coverage allows us to take and test changes quickly. It means even when the pressure is on to ’get it in’, we can still be safe in the knowledge we will not take the product backwards in our haste to be secure.

February 15, 2024

Extending Your Test Automation Pack Into Security

The client did not want or need DevSecOps. What they wanted and needed was an ability to test in an automated manner, adding security testing into their existing test processes by expanding upon their existing automation capabilities.

February 15, 2024

The Beginners Guide to Vulnerability Triage

This guide provides steps that can be taken for an organisation looking to implement a basic vulnerability triage process.

February 15, 2024

7 Steps To Secure Your Microsoft 365 Environment

Microsoft 365 is trusted by organisations large and small for their day to day operations. Email, data storage, document exchange, customer and company critical information are all entrusted to 365 for safe keeping. And yet out-of-the-box, or out-of-the-cloud as is more common, Microsoft 365 security features are configured for usability, rather than maximum security.

February 15, 2024

Communicating Cyber Security Risk to the Board

Communicating cyber security risk to the board can be a key function of senior security roles. While cyber risk oversight is a function of the board, be it fully or partially shared with internal teams such as the audit committee, the implementation, actual operation and management of the security program is not their responsibility

February 15, 2024

How to secure Microsoft Office Desktop Deployments – A Technical Guide

Microsoft has been pushing browser-based Microsoft 365 cloud for all office functions. However, their desktop office applications are just as popular as ever – especially Word, Excel and PowerPoint. Which is great news for cyber criminals as the end user workstation is a prime target for attack and often an overlooked link in any cyber security strategy.

February 15, 2024

Web Entrepreneurs: How can good cyber security make your cloud web app more valuable?

In our experience, security is often something that is begrudged as taking time and budget from development and customer experience. And if you believe your security comes from your cloud platform, I recommend that you read the ‘shared responsibility’ model that all the cloud providers use to limit their liability from security exposure.

February 15, 2024

Why Law Firms and the Legal Sector are such an attractive target for Cyber Criminals - and what to do about it

The legal sector handles highly sensitive information and controls huge sums of money on behalf of major businesses and individual clients alike - which makes it a very attractive target for cyber criminals!

February 15, 2024

The Beginners Guide to the NHS DSP Toolkit

NHS DSP toolkit is an abbreviation for the ‘NHS Data Security and Protection Toolkit’. An online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

February 15, 2024

Cyber Essentials: The Essential Guide

The Cyber Essentials requirements have undergone numerous updates over the last year, which have impacted both the overall scope of the assessment, as well as each of the key controls.