What is CVE and CVSS – Known Vulnerability Scoring Explained
It is common to hear these days about a known vulnerability having been exploited with the end result being a massive data […]
Why is Penetration Testing a Must for Banks and Financial Services?
Cybersecurity threats to financial services organizations are constantly evolving, and the need for robust security measures to protect customer data and confidential […]
Active vs Passive Reconnaissance in Cyber Security
Cyber Reconnaissance is an advanced form of cyber security intelligence gathering which involves gathering as much information about a target as possible […]
What Are The Different Types Of Penetration Testing? Everything You Need to Know
Penetration testing, also known as “pentesting” or “ethical hacking”, is a type of security testing used to evaluate the security of a […]
What is Cross-Site Request Forgery (CSRF)?
Cross-site request forgery (CSRF) is an attack technique that exploits the trust that a web application has in a user’s browser. It […]
What is HIPAA Penetration Testing?
HIPAA Penetration Testing HIPAA (Health Insurance Portability and Accountability Act) is a piece of legislation that was passed in 1996 in the […]
Sanitizing vs Encoding vs Escaping
Quite frankly, I cannot count how many times I’ve seen these 3 terms mixed up by folks at all levels in both […]
7 Types of Penetration Testing to Zero in on Vulnerabilities
A penetration test simulates the actions of a hacker in a cyber attack against your computer systems in order to find exploitable […]
Reflected XSS Cross-Site Scripting
What is Reflected Cross-Site Scripting (XSS)? Reflected Cross-Site Scripting vulnerabilities are a subcategory of XSS vulnerabilities. Reflected XSS attacks occur when an […]
Path Traversal (Directory Traversal) – Definition and Prevention
What is Path Traversal? A path traversal attack (also known as directory traversal) aims to access files and directories that are stored […]
Forced Browsing – Detection and Prevention
What is Forced Browsing? Forced browsing is an attack where the goal is to list and access resources that are not referenced […]