Our Penetration Testing category offers a comprehensive collection of articles, guides, and resources. Learn about the latest tools, techniques, and methodologies used in penetration testing to uncover vulnerabilities. Stay informed on best practices for strengthening your organization’s defenses against cyber threats.
THEOS Cyber analysed vulnerability assessment and penetration testing findings across Singapore, Hong Kong, Malaysia, and the Philippines in 2025. Here is what the data reveals about where enterprise security risk is moving in APAC.
APAC Cybersecurity in 2025: What Real-World Penetration Testing Data Tells Us Read More »
When your enterprise deploys an AI chatbot, what does the security assessment actually cover? Traditional Vulnerability Assessment and Penetration Testing (VAPT) was built for deterministic systems: fixed behaviour, predictable responses, code-enforced authority. It finds what it was designed to find. What it wasn’t designed to find is what happens when a language model is given
Bank Negara Malaysia’s (BNM) revised Risk Management in Technology (RMiT) policy document, issued 28 November 2025, introduces the most significant update to Malaysia’s financial sector cybersecurity requirements in years. For banks, insurers, payment operators, and other regulated financial institutions in Malaysia, compliance is not optional: all requirements marked “S” (Standard) carry direct legal force, with
BNM RMiT 2025 Compliance: What Malaysia’s Financial Institutions Must Do Now Read More »
THEOS Cyber helps critical infrastructure operators meet Hong Kong’s new cybersecurity requirements through Managed Threat Detection and Response (MTDR) for continuous monitoring, Digital Forensics and Incident Response (DF/IR) for rapid incident response, and offensive security testing to identify vulnerabilities before threat actors do. Are your capabilities ready? Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Ordinance
Casinos in Southeast Asia are now prime targets for ransomware gangs, APTs, and POS malware groups. This report highlights recent breaches and the actors reshaping the casino cyber threat landscape.
Penetration testing (pen testing) is a critical component of any comprehensive security program. It simulates real-world attacks on computer networks or applications to scope out vulnerabilities that could be exploited by malicious actors. The primary goal is to evaluate the effectiveness of existing security measures and identify areas where an organization’s security posture is lacking.
What Is Penetration Testing Read More »
Penetration Testing vs Red Teaming Given the rise of Cybercrime and advancement of tools and techniques in cybersecurity, Organizations must work to continuously test and improve their security programs. There are different security assessments that an organization can employ for this. However, with the limitations on budget and resources, it is essential to understand and
Penetration Testing vs Red Teaming Read More »
What is Penetration Testing? Penetration testing, also known as Pentest or Ethical Hacking, is an authorized security exercise designed to find and exploit vulnerabilities on a system, network or application. It is a simulated attack performed by cyber-security experts, mimicking real world strategies and techniques, aimed to identify weaknesses on the system and evaluate how
Penetration Testing Methodology Read More »
Penetration testing and red teaming are popular security testing methods that organizations can use to identify potential vulnerabilities in their IT infrastructure. While both methods share some similarities, they differ in their goals, scope, and methodology. In this article, we will explore the differences between Pen Testing vs Red Teaming, and provide scenarios when either
Pen Testing vs. Red Teaming Read More »
Delivering Cyber Resilience
