Blog

XSS, SQL injection, and WAF

John Baldock

XSS – Cross-site scripting

XSS is a common form of injection attack on public-facing web servers. Any web server can be vulnerable to attack, and websites are now feature-rich, with multiple embedded databases, comments sections, and media… all of which increase the vector types that can be attempted by cyber criminals for various reasons.


NCSC Guidance On Preparing For A Denial Of Service Attack

Alastair Horner

Distributed Denial of Service or DDoS is an attack where there is an attempt to render an online service unavailable by overwhelming it with traffic from multiple distributed sources.

The National Cyber Security Centre (NCSC) is a pivotal organization in cyber security advice and supports the most critical organizations in the UK, the wider public sector, industry, SMEs and the general public.


Why IP Discovery Is The Best First Step For CISOs

What’s the best first step for CISOs when they have just started at a business? If you follow the NIST cybersecurity framework, and many other recommended processes, that step is to IDENTIFY.

According to Gene Abramov, CEO of US-based Depth Security, “A new CISO needs to understand what the real-world security posture of the organization is.
