by Alexander | 24 October 2024
A Web Application Firewall (WAF) is a type of firewall designed to protect web applications by filtering, monitoring and blocking malicious inbound and outbound HTTP/HTTPS traffic.
Unlike traditional firewalls that focus on the network or transport layers, WAFs operate at the application layer of the OSI model. They are essential for preventing attacks specific to web applications, such as SQL injection, cross-site scripting (XSS) and Distributed Denial of Service (DDoS) attacks.
by Alexander | 18 October 2024
Cross-Site Scripting (XSS) is a web security vulnerability that allows an attacker to inject malicious code (usually JavaScript) into web pages viewed by other users. Unlike other attacks that directly target the server, XSS targets the client, i.e. the user's browser.
TYPE: 🔴 Client-side code injection attack
DANGER: 💀💀💀💀
FREQUENCY: 💣💣
EASE OF ERADICATION: 🧹🧹
by Alexander | 18 October 2024
Zero trust is a security strategy that stipulates that no entity (user, application, service or device) should be considered trustworthy by default, even if it is inside the organisation's network.
by Alexander | 12 September 2024
A zero-day vulnerability (also known as a 0-day vulnerability) is an unknown computer security flaw for which no patch exists...