Pentest Cyber

08/05/2026

"Good Luck!", "Pob Lwc!" & "Kia Kaha!" Nelson Belles in today's final at Cardiff Arms Park! (PTC logos / kit looking "almost" as good as the rugby) 🧐

20/04/2026

AI and Vulnerability Discovery:
Why “Human In The Loop” is more important now than ever

The release of Anthropic's Mythos and OpenAI's GPT-5.4-Cyber has brought a lot of attention to what AI can now do in security. Finding vulnerabilities at scale across operating systems and browsers is a genuine capability step forward, and the technology behind it will only improve.

But capability is not the same as coverage. AI is becoming increasingly effective at identifying known vulnerability classes and improving the quality of generated code.

𝐖𝐡𝐚𝐭 𝐢𝐭 𝐝𝐨𝐞𝐬 𝐧𝐨𝐭 𝐝𝐨 𝐢𝐬 𝐚𝐩𝐩𝐫𝐨𝐚𝐜𝐡 𝐚 𝐬𝐲𝐬𝐭𝐞𝐦 𝐭𝐡𝐞 𝐰𝐚𝐲 𝐚𝐧 𝐚𝐭𝐭𝐚𝐜𝐤𝐞𝐫 𝐝𝐨𝐞𝐬. It does not probe boundaries looking for unexpected behaviour, identify how a chain of low-severity findings can be combined into something critical, or draw on years of heuristic experience across different targets and environments.

As AI accelerates both development and automated security tooling, that 𝐨𝐮𝐭𝐬𝐢𝐝𝐞-𝐢𝐧 𝐩𝐞𝐫𝐬𝐩𝐞𝐜𝐭𝐢𝐯𝐞 𝐛𝐞𝐜𝐨𝐦𝐞𝐬 𝐦𝐨𝐫𝐞 𝐢𝐦𝐩𝐨𝐫𝐭𝐚𝐧𝐭, not less. The speed at which software is now being written, much of it AI-assisted, means the attack surface is growing faster than automated tools can meaningfully assess it.

“Human In The Loop” is not a fallback for when automated tools reach their limit. In a landscape where AI is accelerating both how software is built and how it is attacked, 𝐡𝐚𝐯𝐢𝐧𝐠 𝐞𝐱𝐩𝐞𝐫𝐢𝐞𝐧𝐜𝐞𝐝 𝐩𝐞𝐨𝐩𝐥𝐞 𝐰𝐡𝐨 𝐮𝐧𝐝𝐞𝐫𝐬𝐭𝐚𝐧𝐝 𝐚𝐭𝐭𝐚𝐜𝐤𝐞𝐫 𝐛𝐞𝐡𝐚𝐯𝐢𝐨𝐮𝐫 𝐚𝐧𝐝 𝐜𝐚𝐧 𝐭𝐡𝐢𝐧𝐤 𝐛𝐞𝐲𝐨𝐧𝐝 𝐭𝐡𝐞 𝐠𝐮𝐚𝐫𝐝𝐫𝐚𝐢𝐥𝐬 themselves is what separates a thorough assessment from a false sense of security.

At Pentest Cyber, 𝐭𝐡𝐚𝐭 𝐢𝐬 𝐰𝐡𝐚𝐭 𝐰𝐞 𝐩𝐫𝐨𝐯𝐢𝐝𝐞. If you want to understand what your systems look like from an attacker's perspective, 𝐠𝐞𝐭 𝐢𝐧 𝐭𝐨𝐮𝐜𝐡.

www.pentestcyber.co.uk
[email protected]

07/04/2026

𝗜𝗠𝗣𝗢𝗥𝗧𝗔𝗡𝗧 𝗖𝗬𝗕𝗘𝗥 𝗘𝗦𝗦𝗘𝗡𝗧𝗜𝗔𝗟𝗦 𝗥𝗘𝗠𝗜𝗡𝗗𝗘𝗥 - To postpone new CE auto-failure items and "𝗿𝗮𝗻𝗱𝗼𝗺 𝗱𝗼𝘂𝗯𝗹𝗲 𝘀𝗮𝗺𝗽𝗹𝗶𝗻𝗴 regime" for CE+ =>

𝗕𝗢𝗢𝗞 𝗡𝗢𝗪 (or VERY soon)

26/03/2026

As FY 2026/27 arrives, it’s the perfect time to prioritize this year's cyber security investment budget.

"Cheapest" can mean "worst value"; leaving your organization exposed.

Instead, choose proven quality: pro testing tools, unlimited retries, peer‑review, "no hidden extras" & clear, full reports.

Very experienced, fully vetted UK professionals. World quality, Wales prices.

Pentest Cyber is now taking bookings for 𝗖𝘆𝗯𝗲𝗿 𝗘𝘀𝘀𝗲𝗻𝘁𝗶𝗮𝗹𝘀 𝗣𝗹𝘂𝘀, 𝗣𝗲𝗻𝗲𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝗧𝗲𝘀𝘁𝗶𝗻𝗴, and 𝗜𝗧𝗛𝗖 𝗲𝗻𝗴𝗮𝗴𝗲𝗺𝗲𝗻𝘁𝘀 for the 2026/27 cycle.

Secure your preferred dates early and ensure your organization is protected by the best. 𝟑𝟔-𝐦𝐨𝐧𝐭𝐡 𝐨𝐩𝐭𝐢𝐨𝐧𝐬 for those showing "full financial fitness".

𝗕𝗼𝗼𝗸 𝗻𝗼𝘄 - 𝘀𝘁𝗿𝗼𝗻𝗴 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝘀𝘁𝗮𝗿𝘁𝘀 𝘄𝗶𝘁𝗵 𝘀𝘁𝗿𝗼𝗻𝗴 𝗽𝗹𝗮𝗻𝗻𝗶𝗻𝗴.

[email protected]

Pentest Cyber - CREST Approved Pe*******on Testing, Cyber Essentials, IT Health Check and more.

11/03/2026

𝗣𝗲𝗻𝘁𝗲𝘀𝘁 𝗖𝘆𝗯𝗲𝗿 – 𝗘𝗻𝗱 𝗼𝗳 𝗙𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗬𝗲𝗮𝗿 𝗨𝗽𝗱𝗮𝘁𝗲

As we close out our second financial year within our 10‑year plan, I want to share a brief update with our long‑standing clients, recent new partners, and those considering working with us.

Despite challenging economic conditions for all organisations, Pentest Cyber continues to grow strongly. This year, every major financial and productivity metric increased between 𝟭𝟯% 𝗮𝗻𝗱 𝟲𝟮%, reflecting both market demand and the trust you place in us.

Demand for our core services: 𝗳𝘂𝗹𝗹 𝘀𝗽𝗲𝗰𝘁𝗿𝘂𝗺 𝗣𝗲𝗻𝗲𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝗧𝗲𝘀𝘁𝗶𝗻𝗴 and 𝗖𝘆𝗯𝗲𝗿 𝗘𝘀𝘀𝗲𝗻𝘁𝗶𝗮𝗹𝘀 𝗣𝗹𝘂𝘀 support; is at an all‑time high.

We expect to pass a significant financial milestone within the next three months, alongside the introduction of new capabilities that will further strengthen our offering.

Our guiding principle, “𝗪𝗼𝗿𝗹𝗱 𝗰𝗹𝗮𝘀𝘀 𝗾𝘂𝗮𝗹𝗶𝘁𝘆 𝗮𝘁 𝗪𝗮𝗹𝗲𝘀 𝗽𝗿𝗶𝗰𝗲𝘀,” remains unchanged.

We continue to invest heavily in:

• Highly qualified personnel, all 𝘃𝗲𝘁𝘁𝗲𝗱 𝘁𝗼 𝗮 𝗵𝗶𝗴𝗵 𝗴𝗼𝘃𝗲𝗿𝗻𝗺𝗲𝗻𝘁 𝘀𝘁𝗮𝗻𝗱𝗮𝗿𝗱

• Market‑leading professional tooling

• 𝗡𝗼 𝗵𝗶𝗱𝗱𝗲𝗻 𝗲𝘅𝘁𝗿𝗮𝘀, 𝘂𝗻𝗹𝗶𝗺𝗶𝘁𝗲𝗱 𝗿𝗲𝘁𝗲𝘀𝘁𝘀, 𝗽𝗲𝗲𝗿 𝗿𝗲𝘃𝗶𝗲𝘄𝗲𝗱 𝗿𝗲𝗽𝗼𝗿𝘁𝘀 as standard

We held prices firm for bulk-purchase clients this year and limited increases elsewhere to the absolute minimum; a commitment we intend to maintain given the wider geopolitical climate.

In an industry experiencing consolidation, exits and shifting ownership, we remain a 𝘀𝘁𝗮𝗯𝗹𝗲, 𝗽𝗿𝗶𝘃𝗮𝘁𝗲𝗹𝘆 𝗨𝗞 𝗼𝘄𝗻𝗲𝗱 alternative to VC/PE‑backed providers.

Our team remains intact, motivated and expanding; with additional capacity ready for 2026 and beyond.

Looking ahead, a new round of 𝟯𝟲 𝗺𝗼𝗻𝘁𝗵 𝗮𝗴𝗿𝗲𝗲𝗺𝗲𝗻𝘁𝘀 will become available after April 2026, supporting organizations seeking multi‑year stability, predictable budgeting and high assurance.

To all of our clients: 𝘁𝗵𝗮𝗻𝗸 𝘆𝗼𝘂 𝘀𝗶𝗻𝗰𝗲𝗿𝗲𝗹𝘆 𝗳𝗼𝗿 𝘆𝗼𝘂𝗿 𝗰𝗼𝗻𝘁𝗶𝗻𝘂𝗲𝗱 𝘀𝘂𝗽𝗽𝗼𝗿𝘁. As you shape your 𝟮𝟬𝟮𝟲/𝟮𝟬𝟮𝟳 𝗯𝘂𝗱𝗴𝗲𝘁𝘀, we hope this update demonstrates our commitment to long‑term partnership, transparency and excellence.

𝗞𝗮𝗿𝗹 𝗚𝗿𝗲𝗲𝗻𝗳𝗶𝗲𝗹𝗱
CEO, Pentest Cyber Ltd

26/02/2026

**BRIEF (3 min read) Cyber Essentials 2026 Changes**

It’s that time of year again, Cyber Essentials has received its annual refresh.

16/02/2026

** 𝗖𝘆𝗯𝗲𝗿 𝗘𝘀𝘀𝗲𝗻𝘁𝗶𝗮𝗹𝘀 𝗡𝗲𝘄𝘀 𝗥𝗲𝗹𝗲𝗮𝘀𝗲𝗱 𝟭𝟮/𝟬𝟮/𝟮𝟬𝟮𝟲 **

**𝗦𝗶𝗴𝗻𝗶𝗳𝗶𝗰𝗮𝗻𝘁 𝗖𝗵𝗮𝗻𝗴𝗲𝘀 𝘁𝗼 𝗠𝗮𝗿𝗸𝗶𝗻𝗴 𝗮𝗻𝗱 𝗖𝗘+ 𝗔𝘂𝗱𝗶𝘁 𝗦𝗮𝗺𝗽𝗹𝗶𝗻𝗴**

Active from: 𝗔𝗽𝗿𝗶𝗹 𝟮𝟬𝟮𝟲

𝗦𝗶𝗴𝗻 𝘄𝗶𝘁𝗵 𝗣𝗧𝗖 𝗽𝗿𝗶𝗼𝗿 𝘁𝗼 𝘁𝗵𝗶𝘀 𝗳𝗼𝗿 𝗲𝘅𝗶𝘀𝘁𝗶𝗻𝗴 𝗿𝘂𝗹𝗲𝘀 𝗮𝗻𝗱 𝗽𝗿𝗶𝗰𝗶𝗻𝗴 𝗿𝗲𝗴𝗶𝗺𝗲.

April 2026 - onwards = new question set, audit and pricing regime.

Any questions or to 𝗯𝗼𝗼𝗸 𝗡𝗢𝗪:

𝗶𝗻𝗳𝗼@𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗰𝘆𝗯𝗲𝗿.𝗰𝗼.𝘂𝗸
𝘄𝘄𝘄.𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗰𝘆𝗯𝗲𝗿.𝗰𝗼.𝘂𝗸

The Cyber Essentials scheme is updated annually to stay aligned with evolving threats.

27/01/2026

Celebrating Our 10th Birthday!
..and discussing plans to 2036; Pentest Cyber Ltd & you...

Well that went quick! We have completed hundreds of pentests, thousands of Cyber Essentials certifications and been through two large restructurings - thank you all for your support.

We look forward to supporting our old and new "friends" with the same high quality low-stress services, keeping cyber irritations to a minimum as we pilot the future together.

We're not going anywhere and are laying further foundations to evolve and succeed.

As a 10th birthday present, we have allowed founder Karl Greenfield a brief, constrained opportunity to talk uninterrupted while we pretend to listen to his thoughts on changes since he started in the industry in the vibrant Wales and South West of the 1980s.

Newspaper - second picture - far left - he doesn't look like that anymore!

Karl Greenfield:

"40 years ago many things were similar to now. It is just that over time, forms, vectors & methods of attack on our money, systems and technology have changed.

Back then, our Newport to USA analogue link allowing “almost real-time” interaction with our American friends was extremely rare and expensive.

Now even a £10 “smart”(!) watch (or spoon!) is available, “freely”; to a global audience.

1986 printed paper cheques had to be physically stolen and the inked content added to or amended. In 2026 they are intercepted, amended and cashed; all in their digital form.

Dumped stolen computers were collected from a Chepstow roundabout. Now they are “stolen” in situ on the desk, and “retrieved” by reformatting (of ransomware).

Security included “reel-to-reel” tape backups. These were kept locked in firesafes using 12” keys that sported a kinky leather fob to protect the “business ends”.

Engineering systems access meant “plug in a dongle” that may just switch a pin or two on a serial or parallel port, accounting system full access meant typing “letmein”.

Today we still use all these, (YES - the largest backups ARE still TO TAPE).

Our early networks used the live 240V electrical circuit cables (“H&S”?), & our minicomputers “twinax”. Now standardised copper. fiber & wireless serve all needs.

Like today’s datcentres, our mainframe & minicomputers were kept in environmentally controlled areas and locked “out of harm’s reach”.

The Supervisory Console & high speed cheque printers for the IBM Minicomputer were in an ante-room only accessible to seasoned computer professional keyholders.

1980s executives’ were dangerously keen for “new tech”. Computer mice had been observed being spoken into like “CB microphones”, then run along computer monitors in the hope that tech magic would ensue.

Fresh from watching 1983 film “WarGames”; “having a bash on the mainframe” for these people in shiny suits capable of "solar flare" levels of static discharge was NOT to be allowed.

Forgetting to “park” PC hard disks at the end of a working day could result in a repair bill equivalent to “£10K” in today’s money. Dropping the lid of a System 36 or instructing “POWER_OFF” for “fun” could have career-ending consequences. Opening of PC cases brought forth a small avalanche of cigarette butts, paperclips and 5 1/4" floppy disks somehow forced through the tiny gaps between disk drives.

The access controls, firewalls, and the many digital forms of "locked rooms, drawers and keys" in use today are evidence that all of these, in their evolved forms; still prevail.

Back then, you made the rules up yourselves, sometimes with reference to the vast tomes of shelved books (like the System 36 User Manuals or the Cisco Command Reference Books) but today best-practice methods of deploying defences exist as frameworks of guidance such as the “Cyber Essentials” programme.

Deployed defences of today are then best tested via professional-level pe*******on testing.

Pentest Cyber decided through demand to specialize primarily in providing these two services at maximum time efficiency, minimal stress and clear reports proving quality defences.

Recently we added "Cyber 101" to bridge the gap between "nothing and Cyber Essentials"

2026 still requires humans to oversee, arbitrate and test controls and defences.

This is also the case for the boundaries and products of Artificial Intelligence in its many forms.

Hello!? - Is anyone still there?"

Thank you Karl! WATCH THIS SPACE FOR FUTURE ANNOUNCEMENTS

06/01/2026

❄️ 2026 is going to be a big one! 🦁

👑 🎉 🍾 Look out for announcements. We can't wait. 😎

Happy New Year From all here at Pentest Cyber Ltd!

"Thank you" old friends and clientele:
"Welcome aboard!" to all our new clients and partners.

We look forward to helping you keep cyber irritations to a minimum as we pilot 2026's challenges together.

Best get the kettle on now.

19/11/2025

This is now more practical than ever and

"𝐫𝐞𝐚𝐜𝐡𝐞𝐬 𝐭𝐡𝐞 𝐩𝐚𝐫𝐭𝐬 𝐨𝐟 𝐍𝐂𝐒𝐂 𝐂𝐲𝐛𝐞𝐫 𝐀𝐬𝐬𝐞𝐬𝐬𝐦𝐞𝐧𝐭 𝐅𝐫𝐚𝐦𝐞𝐰𝐨𝐫𝐤 𝟒.𝟎 (𝐢𝐧𝐭𝐞𝐠𝐫𝐚𝐥 𝐭𝐨 𝐓𝐡𝐞 𝐂𝐲𝐛𝐞𝐫 𝐑𝐞𝐬𝐢𝐥𝐢𝐞𝐧𝐜𝐞 𝐁𝐢𝐥𝐥); 𝐭𝐡𝐚𝐭 𝐨𝐭𝐡𝐞𝐫 𝐩𝐫𝐨𝐝𝐮𝐜𝐭𝐬 𝐜𝐚𝐧𝐧𝐨𝐭 𝐫𝐞𝐚𝐜𝐡".

Pentest Cyber provide you with this, Cyber Essentials Plus and various pentests further to assist you - but don't book too late - slots fill fast.

The IASME Cyber Assurance standard is a comprehensive, flexible cyber security standard that ensures a range of proper measures are in place.