Security Blog

CyberSecurity Trends

CyberSecurity trends: what is going to happen in 2018?

Top 5 CyberSecurity trends for 2018. CyberSecurity trends: 2018 will surely be an interesting year as far as cybersecurity is concerned. We have already witnessed some big incidents, including data breaches and tumultuous developments regarding cryptocurrencies, which led the governments of many countries to issue official directives and take action in this area. CyberSecurity trends: IoT & CyberSecurity threats. We should

OWASP Top 10

OWASP Top 10: which are the main threats?

OWASP Top 10. The Open Web Application Security Project, or OWASP, as we said in a previous article, is a not-for-profit organisation that aims at providing ‘best-in-class’ application security solutions. Its advice and tools are free, vendor-neutral, unbiased yet practical. The organisation also lists the OWASP Top 10 web application security risks to help developers and system

Portability

Portability of the data: one of the rights introduced by the GDPR

Portability of the data: one of the rights. The new General Data Protection Regulation (GDPR), in addition to data portability, confirms several rights of the data subject. Data subjects have the: Right to be informed; Right of access; Right to rectification; Right to restriction of processing; Right to erasure (right to be forgotten); Right to object; Rights related to automated individual decision-making, including profiling; Last but not least,

Source code

Source code: definition and introduction

Source code: what is it? Source code can be called source as well as code, and it is the original version of a piece of software: basically, the way the software was written and typed into the laptop in the first place. That is why it is in plain text. What do we mean when we refer to software?

OWASP

OWASP: Open Web Application Security Project

OWASP. The Open Web Application Security Project, or OWASP, is a foundation that came into being on December 1, 2001. Basically, this foundation has a specific goal: improving software security. This not-for-profit organisation aims to provide unbiased, practical solutions to governments, organisations, educational institutes, trade organisations, groups, development organisations etc. OWASP offers tools and documents that have been

Cross site scripting

Cross site scripting: what do you need to know about it?

Cross site scripting. Cross Site Scripting, or XSS, is a particular form of injection attack. Basically, attackers inject malicious scripts into a website. The attackers typically use web applications to transmit malicious code, usually browser-side scripts, to a different end user. In return, the web applications in a system generate output in response to the malicious input

Privacy policy

Privacy policy: what is its content according to the GDPR?

Privacy policy in the GDPR. GDPR defines the content of the privacy policy that needs to be provided to the data subject in Articles 13 and 14. These articles cover the following scenarios: “Information to be provided where personal data are collected from the data subject”; “Information to be provided where personal data have not been obtained

Personal data

Personal data: GDPR and data explanation

Personal data: what does GDPR say? In the first paragraph of Art. 9 of the GDPR (General Data Protection Regulation) there is a definition of personal data. Attached to this definition, you can find the prohibition of processing such data: “Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade

Network scanning

Network scanning: why is it so important?

No matter how confident you are about your network safety, you can never be completely sure. This is why network scanning is so important. The kinds of malicious attacks that are carried out these days are hard to believe. A vulnerable network can cause big problems for systems and a huge loss in terms of business value. Hence,

Regular and systematic monitoring

Regular and systematic monitoring: what does it mean?

Regular and systematic monitoring. What does regular and systematic monitoring mean? GDPR does not provide a specific definition. However, Recital 24 considers the “monitoring of the behaviour of data subjects” as including every form of online profiling (even for behavioural marketing purposes). Such a definition, in any case, does not only include the internet: we must