News and insights Updates and thoughts from our team Security Budgets & Why They Matter Posted on27 August 202427 August 2024 Did you spend 0% of your website’s budget on security? What about your new web application, new API, or even […] Learn more Where Are Your Hackers Located? Posted on16 May 202416 May 2024 Interestingly it doesn’t really matter. The thing to know is that they’re not located anywhere in particular. Or rather, wherever […] Learn more Do You Test Pens? Posted on3 April 202427 March 2025 Do You Test Pens? “Literally, what do you do all day?” That’s a question we get from time to time, […] Learn more Why caring is important in security Posted on12 March 202412 March 2024 Why caring is important in security When I started phew, I had very clear intentions about building a solid reputation […] Learn more The phew Top Ten Greatest Hits (…Of Vulnerabilities) Posted on18 October 202218 March 2025 First Up, The OWASP Top 10 Many of you who work or have backgrounds in web application development or cyber […] Learn more phew joins Government Marketplace for Information Security Professional Services Posted on6 September 20226 September 2022 We are delighted to announce that phew has been recognised as an approved supplier of security services on the New […] Learn more CERT NZ Quarterly Update Q1 2022 Posted on30 May 202230 May 2022 The Latest from CERT NZ What’s New? CERT NZ is a central organisation that receives cyber incident reports from both […] Learn more Discovering and Patching Vulnerabilities Posted on17 March 202217 March 2022 Background Software is constantly changing. Application and package authors tweak and update existing code more or less continually to provide […] Learn more Was Kaseya A Supply-Chain Attack, And Why Does It Matter? Posted on10 August 202110 August 2021 If the Kaseya attack was a “supply-chain attack” in terms of the industry accepted definition then it is a stretch […] Learn more