Your browser has been detected as Internet Explorer 6 or lower. Please note that some website functionality may be incompatible. Therefore we strongly recommend upgrading your browser.

7Safe Services

eDiscovery
7Safe’s London eDiscovery and litigation support services including processing using NUIX and legal review featuring Relativity and CaseLogistix on the iPad and iPhone.
Penetration Testing
7Safe’s security assurance featuring Vulnerability Assessment, Infrastructure Penetration Testing, Application Security Assessment and Web Application Security Assessment, PCI penetration testing, research labs and knowledge base.
PCI DSS
PCI DSS Compliance Consulting services for Merchants and Service Providers looking to gain compliance with the PCI Standard.
Computer Forensics
7Safe’s computer forensics team have a wealth of hi-tech law enforcement and commercial arena experience and contribute to the ACPO guidelines for electronic evidence
Training & Education
Global University-accredited information security training and hacking training featuring the CSTA, CSTP and CAST certifications which are premium and hands-on, (check wording) that are superior to the Certified Ethical Hacker (CEH) qualifications.

ACPO Guide for Electronic Evidence

Download Now

News & Events

PA’s 7Safe education team backs UK Cyber Security Challenge
The winner of the second annual UK Cyber Security Challenge, supported by 7Safe education services, part of PA Consulting Group, has been awarded a place on 7Safe’s leading information security certification course. PA’s Alan Phillips, IT security and risk expert presented the award to Cambridge University student Jonathan Millican, who was crowned the winne […]
Responding to the MS12-020 security vulnerability
On 13th March 2012, Microsoft released a security patch for the MS12-020 vulnerability relating to the remote desktop protocol (RDP). The identified vulnerability allowed attackers to execute arbitrary commands on systems running vulnerable RDP services over the network which could lead to denial of service attacks, or worse, to loss of sensitive data stored […]
Cyber experts share insights into why cyber security is no longer just a technical issue.
Cyber business is considered a main engine for future economic growth and the opportunity to use related technologies, such as the cloud, to reduce costs is a key part of the agenda for many organisations. Yet cyber crime is also increasing as are the indications that it is still not being treated seriously or is […]
Understanding the security risk from XPATH 2.0 – meet PA at Black Hat Europe 2012
On 14 March, PA Consulting Group’s Sumit Siddharth will be speaking at the world’s premier IT security event, Black Hat Europe 2012, focusing on the vulnerabilities associated with the programming language, XPATH 2.0. To schedule a meeting with Sumit during the conference, please contact us now. Sumit is a specialist in application and database security, [.. […]
PA Consulting Group acquires 7Safe Ltd to enhance its cyber security service
PA Consulting Group is pleased to announce that it has acquired 7Safe Ltd, a leading cyber security consultancy head-quartered in Cambridge. 7Safe’s expertise in security risk assessment, computer forensics, eDiscovery and education complements PA’s own long-established cyber security, risk and resilience capability, which has been in high demand in securing […]
Cyber Security Skill Gap Highlights Training Needs
An alarming increase in cyber attacks have recently been seen in the UK, many incidents of which have been widely reported in the media. The issue has naturally drawn attention to the urgency for companies to improve their security measures. Ironically, the UK has seen a huge drop in the number of pupils undertaking computing […]
Interview With 7Safe Pentester Reveals Latest Tools & Exploits in IT Security
Head of Penetration Testing at 7safe Sumit Sidharth (Sid), was recently interviewed by the Pentest Magazine to provide insights into his specialism in application and database security. Speaking from over seven years of successful experience within the IT Security Industry, ‘Sid’ talks candidly about his contributions towards a number of white-papers, articl […]
Brit PhD Student Excels in Pentagon Digi-Forensics Challenge
A computer science student from Lancaster University has become the UK winner of the digital forensics challenge, a global competition designed and hosted by the US Department of Defense. Christopher Richardson (AKA Ikarus) came first in the UK and ninth internationally among 1,791 competitors from 52 countries. The challenge was designed to test the ability […]
Hacking Oracle From the Web: Part 2
The first sequel of this paper was released in 2010 and it discussed the privileges needed to execute OS code when exploiting a SQL Injection in a web application which has an Oracle back-end. This paper examines new techniques to execute multiple statements via SQL Injection. No special privileges are needed to use these techniques […]
The 7Safe Penetration Testing team introduce Server Hardening
Server Hardening, sometimes referred to as a build review, is a relatively new service offered by 7Safe. This service is designed to assist IT management and security teams with the task of creating and adhering to defined policies or rule sets, whilst still providing useable systems. Many modern operating systems have advanced security measures and […]

The Value of Skype Messenger Data in eDiscovery Revealed

In this white paper, 7Safe reveals the value of Skype messenger data and how this data can be manipulated and subsequently integrated into an eDiscovery matter. All actions undertaken during the manipulation are fully audited allowing for repeatability, as per the ACPO guidelines for computer based evidence. Click to download (PDF) Recommend on Facebook Share [...]

Subscribe to the comments on this post

28th October, 2011

Hacking Oracle From the Web: Part 2

The first sequel of this paper was released in 2010 and it discussed the privileges needed to execute OS code when exploiting a SQL Injection in a web application which has an Oracle back-end. This paper examines new techniques to execute multiple statements via SQL Injection. No special privileges are needed to use these techniques [...]

Subscribe to the comments on this post

5th October, 2011

Youdetect Service Detects Illegal Acquisition of Multimedia

The illegal acquisition of multimedia by downloading streaming multimedia is one of the most common new developments in piracy but is yet to be responded to by the forensic community. YouTube Downloader (YTD) is currently the most prevalent software choice for illegally downloading multimedia content, assisting and supporting illegal downloading and multimedia piracy. YouDetect uses statistical [...]

Subscribe to the comments on this post

10th February, 2011

Thought leadership – Payment Card Industry Data Security Standard

Introduction Payment cards, whether they are debit or credit cards are an essential component of modern commerce. The branded card has moved on from acting as a passport for financial transactions and become a lifestyle statement of the individual holding the card. The potential use of payment card information is broadening. For example; a company’s [...]

Subscribe to the comments on this post

24th February, 2010

eDisclosure & Forensics – What do I need to know?

February 2010 | Authors: James Kent & Chris Dale Computer forensics is necessarily a new science. It has two broad components – the application of technological skills and equipment to the preservation and collection of electronic data from computers and other electronic devices, and the interpretation of the results of that collection to help lawyers [...]

Subscribe to the comments on this post

17th February, 2010

Hacking Oracle from the Web: Exploiting SQL Injection from Web Applications

February 2010 | Author: Sumit Siddharth (7Safe) This paper discusses the exploitation techniques available for exploiting SQL Injection from web applications against the Oracle database. Most of the techniques available over the Internet are based on exploitation when attacker has interactive access to the Oracle database, i.e. he can connect to the database via a [...]

Subscribe to the comments on this post

17th April, 2009

Metadata; The Silent Witness

April 2009 | Author: Adrian Cassidy(7Safe) Migration of litigation to an electronic age has brought about many challenges but these are equally confronted by the technology of which it is borne. Although metadata analysis will not always be crucial to every case it has to remain a fundamental consideration by all eDiscovery practitioners at [...]

Subscribe to the comments on this post

17th February, 2009

JUDE LAW, MY PHONE AND STOLEN IDENTITIES

February 2009 | Author: Stuart Clarke (7Safe) Click Here To Download The PDF Mobile phones can now store vast amount of information such as contacts, SMS, and e-mails. However, if your mobile phone fell into the wrong hands, your phone could give your identity away. Pictures As the saying goes, "A picture is worth [...]