The EU AI Act: Navigating Compliance for High-Risk Businesses
The EU AI Act, effective since August 2024, introduces the world’s first comprehensive legal framework for artificial intelligence. It defines strict obligations for high-risk AI systems, foundation models, and deployers across sectors like healthcare, finance, and legaltech. This guide breaks down what the Act requires, who it applies to, and how organizations can prepare for compliance — including cybersecurity, documentation, and conformity assessments.

Kristina Romanenko
Nov 3 · 17 min read


Cyberbiosecurity: Securing the Digital Infrastructure of Biology
As biology becomes increasingly digital, the line between cybersecurity and biosecurity is disappearing. From genomic databases and lab automation to AI-designed proteins, the digital infrastructure of biology is under threat. This guide explains what cyberbiosecurity is, why it matters for biotech and healthtech, and how organizations can secure genomic data, lab systems, and AI pipelines against emerging cyber risks.
Demyd Maiornykov
Oct 29 · 3 min read


Hacking AI: Real-World Threats and Defenses with the OWASP AI Testing Guide
When we talk about “AI hacking,” we mean ethical testing — probing a system’s prompts, tools, data paths, and model behavior to uncover...

Sekurno
Sep 9 · 8 min read


Building a Secure GenAI Architecture in HealthTech: Avoiding HIPAA & GDPR Pitfalls
Learn how to build secure GenAI architectures in HealthTech. Avoid HIPAA/GDPR pitfalls with identity, data, and compliance guardrails.

Sekurno
Sep 5 · 27 min read


ISO 27001 Compliance: Checklist & Guide for Biotech & HealthTech Companies
Biotech companies are under pressure to prove strong data security and compliance. This practical ISO 27001 guide and checklist outlines what biotech firms need to know in 2025 — from protecting IP and clinical data to choosing the right auditor and reducing risk.

Kristina Romanenko
Jul 10 · 11 min read


MDR Cybersecurity Compliance: Complete EU MDR/IVDR Compliance Guide & Checklist for Medical Devices
Navigating MDR cybersecurity compliance under the EU’s new medical and in vitro diagnostic regulations can be complex. This in-depth guide helps device manufacturers understand and implement the cybersecurity requirements of EU MDR (2017/745) and IVDR (2017/746) — from secure-by-design principles to post-market surveillance and CE certification. If you're building or selling connected medical devices or software in Europe, this is essential reading.

Kristina Romanenko
May 28 · 12 min read


Understanding FDA Regulation and Cybersecurity Guidance for Software-Enabled Medical Devices
Learn how FDA regulation and cybersecurity guidance apply to software-enabled medical devices, from classification and submission to lifecycle risk management

Kristina Romanenko
May 21 · 12 min read


Building a Biotech Threat Model: A Practical Step-by-Step Guide & Example Case Study
Explore a real-world threat modeling example for a genomics platform using MITRE’s playbook, C4 diagrams, and STRIDE. A practical guide for healthtech and biotech security teams
Alex Rozn
May 20 · 11 min read


HIPAA Compliance Checklist (Self-Assessment Guide)
Simplify HIPAA compliance with our Self-Assessment Guide. Quickly identify gaps, understand key requirements, and take actionable steps to strengthen your data security and meet regulatory standards. Ideal for startups, biotech, healthtech, and healthcare companies.

Kristina Romanenko
May 2 · 6 min read


From Startup to Scale-Up: When Biotech Companies Must Take Security & Compliance Seriously
Discover why scaling biotech companies must prioritize security and compliance. Learn when regulatory triggers like HIPAA, GDPR, and FDA guidelines come into play — and how proactive cybersecurity strengthens growth and partnerships.

Kristina Romanenko
Apr 7 · 9 min read


Cloud Security for Biotech: The Biggest Misconfigurations Putting Your Data at Risk
Modern biotech startups increasingly rely on cloud infrastructure to power genomic data analysis and deliver applications to users....
Alex Rozn
Mar 29 · 23 min read


A Definitive Guide to Mobile App Pentesting
Learn how to secure mobile applications against real-world threats. Our definitive guide to mobile pentesting covers essential tools, methodologies, common vulnerabilities, and best practices for iOS and Android security testing.

Sekurno
Jan 16 · 13 min read


Blackbox Pentesting Explained: From Reconnaissance to Exploitation
The lifecycle of black-box pentesting, from reconnaissance to reporting, showing how each phase builds on the last to expose vulnerabilities

Sekurno
Dec 18, 2024 · 15 min read


Securing Your Node.js Application: A Comprehensive Guide
In today's digital landscape, securing your Node.js apps is paramount. This guide provides key concepts & practices aligned with OWASP WSTG
Alex Rozn
Nov 15, 2024 · 11 min read


How to Effectively Assess the Security of Your Applications
Why would you want to know the current state of application security in your organization? There may be several reasons: You want to...
Alex Rozn
Oct 7, 2024 · 5 min read


A Definitive Guide to API Pentesting
APIs are the glue of modern applications and the place most attackers aim first. At Sekurno we combine hands-on adversary techniques with rigorous methodology to find the flaws that matter. Read on for practical testing strategies, common pitfalls, and clear mitigations you can action today. If you are a beginner, this material introduces the perfect way to start your journey into the pentesting world. If you're a seasoned pro with years of experience in different cybersecuri

Sekurno
Oct 1, 2024 · 12 min read


Navigating Cybersecurity Compliance: A Definitive Guide
Master the essentials of cybersecurity compliance with our definitive guide. Learn how to navigate complex frameworks like SOC 2, PCI DSS, NIST, HIPAA, CCPA, GDPR, and ISO 27001, avoid common pitfalls, and build a security program that drives trust and resilience.

Kristina Romanenko
Sep 25, 2024 · 13 min read


The Most Overlooked Spots for XSS Vulnerabilities in Your Web Applications
Cross-Site Scripting (XSS) vulnerabilities are akin to digital landmines—hidden in unexpected places, ready to be set off by an...
Alex Rozn
Sep 10, 2024 · 5 min read


How To Build An Application Security Programme?
Learn how to build a robust application security program using OWASP SAMM and DSOMM frameworks.
Alex Rozn
Sep 19, 2023 · 3 min read