The training and skills medium
A CSRF (or Cross-Site Request Forgery) attack is a malicious technique in which an attacker encourages a user to perform unwanted actions on a web application to which they are already authenticated, without their knowledge. The aim is to divert the trust that the application places in the user, by exploiting session cookies or identifiers stored in the browser.
Cyber Threat Intelligence (CTI) is a systematic process of collecting, analysing and interpreting data relating to cyber threats.
Its aim is to provide organisations with actionable information to anticipate, prevent and respond to cyber attacks.
The CVE (Common Vulnerabilities and Exposures) is a standardised public repository that uniquely identifies and catalogues IT security vulnerabilities.
CVSS, an acronym for Common Vulnerability Scoring System, is a standardised system for assessing the seriousness of computer vulnerabilities.
It assigns a numerical score between 0 and 10, reflecting the criticality of a vulnerability and enabling corrective action to be prioritised. This system is maintained by FIRST (Forum of Incident Response and Security Teams).
A cyber attack, also known as a computer attack or cyber attack, is a malicious action carried out via computer networks (mainly the Internet) with the aim of compromising the security, confidentiality, integrity or availability of a system, network or data.
These attacks can target individuals, businesses and critical infrastructures.