Cyber Security

Trusted. Agile. Responsive.

Alcorn Group does things differently. We have a trusted team of vetted security consultants. This provides you with confidence whilst still having a responsive partner to meet your rapidly changing demands.

Alcorn Group offers a flexible and dynamic business approach, along with the confidence of the CREST accreditation. We work with business and government to provide individualised and flexible services designed to meet each project’s specific needs.

We bring a wealth of experience from our consultants who have worked for a range of different companies, spanning from some of the world’s largest multinationals, to government agencies and departments, to small independent businesses.

Penetration Testing

Web Application Assessments, Infrastructure Assessments and Mobile Application Assessments are just some services we provide.

Contact us

Threat Intelligence

Evidence based and intelligence driven organisation-wide cyber security reviews are part of our threat intelligence options.

Contact us

Advanced Persistent Threats

Preventing APTs involves your client applications along with your traditional critical assets. We specialise and excel in APT security assessments.

Contact us

Red Teaming

Red Teaming, Physical Penetration, Social Engineering, Phishing Campaigns and Browser Assessments are all part of the services we can provide.

Contact us

Virtual CISO

Alcorn Group will provide an experienced full-time or part-time CISO with the aim of boot-straping and increasing your organisation’s security maturity.

Contact us

Web Application Hacking Training

This course follows the methodologies and techniques detailed in the internationally acclaimed security reference, The Web Application Hacker’s Handbook. It includes all the OWASP Top 10 attacks and many more. The course has been delivered at BlackHat, HiTB, Syscan and Breakpoint.

This Web Application Hacking course is highly practical, with over 400 labs with vulnerable examples and a Capture the Flag. Alcorn Group is proud to have a licence to deliver this training within Asia Pacific.

Media Security Training

This training will ready you to explain security events to the media. It provides an opportunity to identify gaps in your understanding that will be required for an accurate and clear explanation to a mass audience.

This scenario-based training creates fictitious situations that may occur at your organisation and readies you to explain them to the media. Numerous scenarios are created that you could be confronted with along with ones that organisations have had to deal with in the past.

Burp Suite Training

This training provides you with both a theoretical and practical understanding of how to use the very popular hacking tool Burp Suite. Mastering this professional ethical hacker tool of choice will give you a capability to easily find vulnerabilities in your web applications.

Burp Suite has possibly been the most consistently high quality tool for assessing web applications for over a decade and the methodologies in this course are a must for any serious web application assessment.

Red Teaming Training

This training draws on experience in gaining access to organisations via physical, social and digital mechanisms. This highly practical training gives you an understanding of legal restrictions, obligations and those ever present “gotchas”.

You will learn techniques to blend into the background, gain trust and leave your target with a positive feeling. These methodologies can be applied imediately. This course gives you an understanding of successful techniques and how you might evolve them in your environments.

Browser Security Training

Amid growing concerns about attacks against browsers, this training teaches you how to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security attack methods, these attacks reach past the hardened network perimeter into the soft underbelly of the network.

This highly practical course follows the methodologies detailed in the internationally acclaimed security reference, The Browser Hacker’s Handbook.