Category Archives: Vulnerability Assessment

CyberSecurity for SMBs: an issue to face as soon as possible

CyberSecurity for SMBs is an ever-growing need because enterprises are no longer the only target of hackers. However, hackers succeed in their attacks because of both their skills and the employees' lack of knowledge. As we briefly mentioned before, SMBs need to implement their CyberSecurity measures because companies are one of the …

OWASP Top 10: which are the main threats?

The Open Web Application Security Project, or OWASP, as we said in a previous article, is a not-for-profit organisation that aims at providing ‘best-in-class’ application security solutions. Its advice and tools are free, vendor neutral, unbiased yet practical. The organisation also lists the OWASP Top 10 web application security risks to help developers and system …

OWASP: Open Web Application Security Project

The Open Web Application Security Project, or OWASP, is a foundation that came into being on December 1, 2001. This foundation has a specific goal: improving software security. The not-for-profit organisation aims to provide unbiased, practical solutions to governments, organisations, educational institutes, trade organisations, groups, development organisations, etc. OWASP offers tools and documents that have been …

Cross site scripting: what do you need to know about it?

Cross Site Scripting, or XSS, is a particular form of injection attack in which attackers inject malicious scripts into a website. The attackers typically use web applications to transmit malicious code, usually browser-side scripts, to a different end user. In return, the web applications in a system generate output in response to the malicious input …

Path traversal: what do you need to know about it?

What is Path Traversal or Directory Traversal? It is an attack method where a hacker attacks or accesses files or directories that are mainly kept outside the web document root directory. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and their variations, or by using absolute file paths, there is the chance to …

SQL Injection: what do you need to know about it?

SQL injection (commonly known as SQLi) is one of the most common web hacking techniques. Hackers place malicious code in SQL statements by way of web page input. SQLi has become one of the most recurrent methods to attack any system with the intent of stealing information. Since it helps hackers to …

Penetration testing: what is it and what is its purpose?

In today’s world, where vulnerabilities are increasing and data breaches are consequently affecting companies, it’s easy to understand the importance of CyberSecurity. It doesn’t matter how hard the IT department works in order to avoid attacks, Cyber Criminals will always be a step ahead. Everything comes down to the …

Vulnerability Assessment: introduction and explanation

A vulnerability assessment is a necessary step that gives the customer or the user a full picture of the situation. It lets you know how exposed your systems are to vulnerabilities. Several automated tools make this possible. These tools run in-depth checks on each system or application and recognize …

SMAU Milan 2017: Swascan is coming!

Swascan will be part of this event. First things first: SMAU, where and when? Very easy: from 24 to 26 October 2017 in Milan, Italy! We are in FieraMilanoCity, pavilion 4, stand B24. We strongly believe that these matters should be acknowledged by anyone who’s involved in a business. That’s why Swascan gives …

Equifax data breach, Swascan explains what happened

It should be easy for a victim to shut down the card, get new credentials and avoid losing money when a credit card is stolen. The real problem emerges with data that cannot be changed, such as Social Security numbers or personal information. That is what happened in the recent cyber-attack that …