NCSC Feed

Why trying to avoid trusting the KMS doesn't make sense (and other common misconceptions).

Andrew A explains what's new in a significant update to the NCSC's flagship cloud guidance.

Covering the ‘Product development', 'Design and functionality' and ‘Though-life’ aspects of product assurance.

Assessing the cyber security threat to UK organisations using Enterprise Connected Devices.

The NCSC hands over administration of the Certified Cyber Professional scheme, with details to be announced at CYBERUK 2022.

This report outlines the risks associated with the use of official and third party app stores.

A technical analysis of a new variant of the SparrowDoor malware.

Assessing the security of network equipment.

Latest version of the CAF focusses on clarification and consistency between areas of the CAF.

The 'Motivating Jenny' project is helping to change the conversation about security in software development.

How to reduce the likelihood of unauthorised content appearing within your organisation's social media channels.

Advice for organisations on implementing multi-factor authentication (or 2-step verification) to protect against password guessing and theft on online services.

This white paper explains how basic security controls can protect organisations from the most common cyber attacks.

Guidance for organisations that use, own, or operate an online service who are looking to start securing it.

Guidance for organisations wishing to deploy products that use IPsec.

Two new pieces of NCSC guidance replace Good Practice Guides 43 and 53.

Guidance to help the construction industry improve the security and resilience of their business against cyber threats.

This guidance is aimed at service owners and security specialists involved in the provision of online services.

Good practises for the management of public domain names owned by your organisation.

Trial project makes vulnerability scanning easier.