Data theft 🔴 Attack
Data theft is a malicious act aimed at appropriating confidential information without authorisation.
Vulnerability 🟥 Weakness
A cyber security vulnerability is a weakness, flaw or defect in a computer system, software application or network that can be exploited by an attacker to compromise the security of that system.
A vulnerability is a weakness that exists, whether or not it is known or exploited.
In other words, it is a potential entry point for a cybercriminal. This vulnerability may reside in the source code of a software application, in an inadequate network configuration, in an insecure communication protocol, or in the behaviour of a user.
WAF (Web Application Firewall) 🟢 Protection
A Web Application Firewall (WAF) is a type of firewall designed to protect web applications by filtering, monitoring and blocking malicious inbound and outbound HTTP/HTTPS traffic.
Unlike traditional firewalls that focus on the network or transport layers, WAFs operate at the application layer of the OSI model. They are essential for preventing attacks specific to web applications, such as SQL injections, cross-site scripting (XSS) and Denial of Service (DDoS) attacks.
XSS (Cross-Site Scripting) 🔴 Attack
An XSS (Cross-Site Scripting) attack is the injection of malicious code into a legitimate website.
Zero Trust 🟢 Protection
Zero trust is a security strategy that stipulates that no entity (user, application, service or device) should be considered trustworthy by default, even if it is inside the organisation's network.