OWASP Top 10 The Open Web Application Security Project or OWASP , as we said in a previous article, is a not-for-profit organisation that aims at providing ‘best-in-class’ application security solutions. Their advices and tools are free, vendor neutral, unbiased yet practical. The organisation also lists the OWASP Top 10 web application security risks to help developers and system
OWASP The Open Web Application Security Project or OWASP is a foundation that came into being on December 1, 2001. Basically, this foundation has a specific goal: improving software security. This not-for-profit organisation aims to provide unbiased, practical solutions to governments, organisations, educational institutes, trade organisations, groups, development organisations etc. OWASP offer tools and documents that have been
Cross site scripting Cross Site Scripting or XSS is a particular form of injection attack. Basically, attackers inject malicious scripts into a website. The attackers typically use web applications to transmit malicious codes, usually browser side scripts, to a different end user. In return, the web applications in a system generate output in response to the malicious input
Path traversal What is Path Traversal or Directory Traversal? Basically, it is an attack method where a hacker attacks or accesses files/directories, which are mainly kept outside a web document’s root directory. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and its variations or by using absolute file paths, there is the chance to
SQL injection SQL injection (commonly known as SQLi) is one of the most common web hacking techniques. Basically, hackers place malicious code in SQL statement with the help of webpage input. SQLi has become one of the most recurrent methods to attack any system with the intent of stealing information. Since it helps hackers to
Penetration Testing: introduction Penetration Testing – In today’s world, where vulnerabilities are increasing and data breaches are consequently affecting companies, it’s easy to understand the importance of CyberSecurity. It doesn’t matter how hard the IT department works in order to avoid attacks, Cyber Criminals will always be a step ahead. Everything comes down to the
Vulnerability Assessment A vulnerability assessment is something neccesary that leads the customer or the user to a full picture of the situation. It lets you know the exposure state of your systems to the vulnerabilities. In order to make it possible there are several automized tools. These tools run deep controls on each system or application and recognize
Swascan will be part of this event First thing first: SMAU – where and when? Very easy: from 24 to 26 of October 2017 in Milan, Italy! We are in FieraMilanoCity, pavillon 4, stand B24. We strongly believe that these matters should be acknowledged by anyone who’s involved in a business. That’s why Swascan gives
Equifax data breach It should be easy for a victim to shut down the card, get new credentials and avoid losing money when a credit card is stolen. The real problem emerges with data that cannot be changed. Such as Social Security numbers or personal information. That is what happened in the recent cyber-attack that
Sweden leak: and it’s a disaster! How can it be so bad? It can… And it’s even worse than you think! Swedish Transport Agency (Transportstyrelsen) is responsible for a massive accident (see the Equifax breach): the Sweden leak. Basically, the information leak concerns all of the country sensitive data. It goes from transporters data to military secrets.
Cybersecurity guide The recent cyber attacks that encrypted thousands of information denying companies their access has made thousands of headlines. This has increased the value of cybersecurity companies ( see Cyber insurance ). We need to clear the smoke with a cybersecurity guide that could help you. It is actually a good thing that companies are
The IT colossus chose Swascan (cybersecurity cloud platform) for the 2016 edition of the most important italian technologic competition. All of this started a process that lead the company to change its business approach, foresee go-to-market and build relationships with national and international companies. Working side by side with a corporation can help a startup sharpen and change its business approach
