Account Takeover (ATO): An account takeover (ATO) is a form of cyberattack in which an attacker takes control of another person's account without authorization. This can be achieved through various methods, such as...
Anycast: Anycast is a routing scheme in which a single IP address is applied to several geographically distributed servers. Data packets sent to this IP address reach the nearest or most...
API: An API (Application Programming Interface) is a programming interface that enables software applications to communicate and exchange data with each other. APIs define a set of rules and protocols that...
API Attack: An API attack refers to any hostile or attempted hostile usage of an API (Application Programming Interface). Attackers exploit vulnerabilities in API endpoints to gain unauthorized access, compromise data, disrupt...
API Gateway: An API gateway is an interface between clients (such as web or mobile applications) and backend microservices. It acts as the single point of contact for clients, receiving their API...
API Security: API security refers to the measures and techniques implemented to protect APIs (Application Programming Interfaces) from malicious attacks, misuse, and other security threats. This includes protecting the interfaces through which...
Application Layer DDoS attack: An application layer DDoS attack is a type of distributed denial of service (DDoS) attack that aims to disrupt the services of a web application or server by overloading the...
ARP (Address Resolution Protocol): The Address Resolution Protocol (ARP) is a network protocol that allows IP addresses to be mapped onto corresponding physical MAC addresses. In local area networks (LANs), ARP helps translate IP...
Artificial Intelligence (AI): Artificial intelligence (AI) refers to the field of computer science that deals with the creation of machines or software capable of performing tasks that typically require human intelligence. This includes...
Artificial Intelligence (AI) for DDoS Mitigation: Why Automation and AI are Critical in DDoS Mitigation In recent years, the volume and severity of Distributed Denial of Service (DDoS) attacks have risen exponentially. The potential business consequences...
Attack vector: In IT security, an attack vector refers to a method or path used by an attacker to gain unauthorized access to a computer system or network. The aim of such...
Auto Scaling: Auto Scaling is the automatic increase or decrease of computational resources that are available for assignment to workloads. Auto Scaling is closely associated with load balancing. Strictly speaking, a load balancer...
b
Backbone: A backbone on the Internet refers to the central network of high-speed connections and routers that connect the various parts of the Internet. Metaphorically speaking, it is the "backbone"...
Bad Bots: How To Protect Your Business Website from Bad Bots Every organization understands the threat posed by DDoS attacks. It is 2020, after all. DDoS flooding attacks against big name brands...
BAIT (Banking supervisory requirements for IT): The Banking Supervision Requirements for IT (BAIT) were developed by the German Federal Financial Supervisory Authority (BaFin) to ensure that information technology in banks and other financial institutions is secure...
BGP (Border Gateway Protocol): The Border Gateway Protocol (BGP) is the standard routing protocol used to route data packets on the Internet. It enables Internet Service Providers (ISPs) and other large networks to communicate...
Big Data: Big data refers to extremely large and diverse collections of structured, unstructured and semi-structured data that are growing continuously and exponentially. These data volumes are so extensive and complex that...
Blockchain: Blockchain is a distributed database or ledger technology that provides a secure and immutable record of transactions. Each record or "block" of information is cryptographically linked to the previous block,...
Bot Management: What is Bot Management (and What Does it Do?) In recent years, organizations worldwide and across all industries have been forced to develop and maintain increasingly tight controls to protect...
Bot Mitigation: Bot mitigation is a vital part of securing web assets like websites, applications, and APIs against threat actors. Hostile bots wage a variety of attacks, from data scraping and account takeovers...
Bot Traffic: Bot Traffic: What You Need to Know Over the last few years, bot traffic has become a massive headache for organizations across all industries. While bots themselves are nothing new,...
Bot Website-Blocking: How and Why You Should Block Bots on Your Business Website When you think about cyberattacks, you probably imagine a hooded hacker sitting in a darkened room and typing furiously...
Brute force attack: In the field of IT security, a brute force attack means cracking a password using trial and error. Although it can involve some level of calculation, it basically consists of...
BSI - Federal Office for Information Security: The Federal Office for Information Security (BSI) is a German federal authority responsible for security in information technology. It was founded in 1991 in response to the growing importance of...
c
Captcha: What is Captcha and how does it work? CAPTCHA is a popular security mechanism that is often used to protect against spam on websites. Almost everyone has had to deal...
Carpet Bombing: In IT, the term Carpet Bombing refers to an overload attack (DDoS) in which an enormous number of small requests overload a system. The problem: Due to the small requests,...
CISO (Chief Information Security Officer): A CISO (Chief Information Security Officer) is responsible for the development and implementation of an information security strategy within an organization. The main role of a CISO is to protect...
Client Fingerprinting: Have you heard of client fingerprinting? As privacy and security become increasingly important, it is crucial to understand the different techniques used to identify and track users on the Internet....
Climate neutrality: As the digital transformation progresses and awareness of environmental issues grows, companies, governments and private individuals are focusing on climate neutrality. The concept of climate neutrality is becoming an essential...
Cloud Act: The Cloud Act, short for "Clarifying Lawful Overseas Use of Data Act", is a US law that was passed in March 2018. It regulates the access of US authorities to...
Cloud Computing: Cloud computing refers to a technology in which various IT services are provided and used via the Internet, for example, storage space, computing power, and software. Instead of operating these...
Cloud Security: The increasing shift of IT infrastructure to the cloud requires a special focus on security measures. Cloud security refers to strategies, technologies and processes that aim to protect data, applications...
CNAPP: A CNAPP (cloud-native application protection platform) is a comprehensive security solution designed specifically to protect cloud-native applications. The term was coined by Gartner to address the growing need for security...
Content Delivery Network (CDN): What is a CDN and How Does it Work? In recent years, there’s been plenty of hype surrounding CDNs. Once the exclusive domain of huge digital service providers like Facebook,...
Content Security Policy (CSP): A Content Security Policy (CSP) is a security measure used to protect web applications from various types of attacks, in particular cross-site scripting (XSS) and data injections. A CSP allows...
Credential Stuffing: Cyber attacks have become an omnipresent threat in the age of the Internet and digital identities. One method that is gaining popularity and poses significant risks for online users is so-called "credential...
Cross-site scripting (XSS): Cross-site scripting (XSS) describes a security vulnerability that occurs in web applications when an attacker successfully inserts malicious code (usually in the form of scripts) into web pages that other...
Crypto Mining: Crypto mining, also known as cryptic mining or cryptocurrency mining, is the process of validating and adding new transactions to a blockchain network and generating new units of a cryptocurrency....
Cryptography: Cryptography refers to the science and practice of encrypting and decrypting information. The goal of cryptography is to encrypt data using various methods and techniques so that it is protected...
Cyberattack: A cyberattack is a targeted attempt to penetrate computer systems, networks, or digital devices with the intention of stealing, damaging, manipulating, or compromising data. These attacks are often carried out...
Cybersecurity: What does Cyber Security mean? By definition, cyber security refers to all measures required to protect the digital layers of a company. This includes computers, mobile devices, servers, other electronic...
d
Data Loss Prevention (DLP): In today's digital landscape, where data is the lifeblood of every organization, protecting that data is of the utmost importance. To tackle this effectively, data loss prevention (DLP) is a...
DDoS attack: What is a DDoS Attack? A DDoS (Distributed Denial of Service) attack attempts to overwhelm an Internet-connected asset with the aim of making it unavailable to legitimate users. It does...
Deep Learning: Deep learning is a subfield of machine learning and thus also of artificial intelligence (AI). It involves the use of artificial neural networks that are designed to process information in...
DevOps: The word “DevOps” is a combination of “development” and “operations.” However, the word has a broader meaning than just a combination of these two concepts. What is DevOps? DevOps is...
DevSecOps: DevSecOps (stands for Development, Security and Operations) is the addition of security to DevOps. It is an overall process to ensure that security is “baked in” to the entire software...
Disaster Recovery: Disaster recovery (DR) describes the ability of a company to get back to working order after a serious incident. Above all, this includes restoring access to IT systems and continuing...
DNS amplification attack: A DNS amplification attack is a type of Distributed Denial of Service (DDoS) attack in which an attacker exploits vulnerabilities in the Domain Name System (DNS) to amplify traffic and...
DNS amplification attacks: What are DNS Amplification Attacks? DNS amplification attacks are a version of distributed denial-of-service attacks (also known as DDoS). These DNS amplification attacks use DNS servers as amplifiers. The attack...
DNS Cache Poisoning: DNS cache poisoning, also known as DNS spoofing, is a form of cyberattack in which an attacker injects data into the DNS resolver cache to trick the resolver into returning...
DNS flood attack: A DNS flood attack is a form of Distributed Denial-of-Service (DDoS) attack that targets the Domain Name System (DNS). It works by flooding a DNS server with an extremely high...
DNS Server: A DNS server (Domain Name System server) is an important part of the Internet that serves to convert human-friendly domain names into the corresponding IP addresses used by computers and...
DNS Tunneling: DNS tunneling is a technique that abuses the Domain Name System (DNS) to transfer data via DNS queries and responses. It is often used by attackers to sneak network traffic...
Domain: A domain, also known as a domain name in the context of the Internet, is a unique address that is used to identify a website. It allows users to easily...
DORA - Digital Operational Resilience Act: The Digital Operational Resilience Act (DORA) is a European Union regulation aimed at strengthening the security and resilience of information and communication technology in the financial sector. DORA came into...
DoS, DDoS and RDoS: DoS, DDoS and RDoS – What is the difference? The three terms DDoS, DoS and RDoS look very similar at first glance and also have many things in common, but...
Doxing: "Doxing" (also spelled "doxxing") is the practice of collecting personal and private information about an individual without their consent and publishing it on the Internet. This typically includes names, addresses,...
e
Edge Computing: Edge computing is a computing paradigm that aims to bring data processing as close as possible to the source of data generation (i.e., the "edge" of the network). This approach...
f
Failover: Failover is a key technology for minimizing these risks and ensuring business continuity. In our technology-driven world, the constant availability of systems and services is crucial. Outages can lead to...
False Negative Alarm: In web application security, an ideal security system would correctly evaluate all incoming traffic. All legitimate traffic would be allowed, and all hostile traffic would be blocked. Unfortunately, in the real...
False Positive Alarm: The primary purpose of a web security solution is to detect potential threats, block them automatically, and notify administrators. However, no security system is flawless, and false alarms are an...
g
GDPR Compliance: GDPR compliance refers to a set of regulations called the General Data Protection Regulation (GDPR), which is used in the European Union (EU). The GDPR is a comprehensive data protection...
Geo-blocking: Geo-blocking is a technique used to restrict access to Internet content based on a user’s geographical location. This restriction is made possible by recognizing the user's IP address, which provides...
GRE Tunneling: GRE (Generic Routing Encapsulation) Tunneling is a network protocol developed by Cisco that transfers data packets between two networks over a public or private connection. It is used to create...
h
Hacker: A hacker is a person with in-depth knowledge of computer technology. Their skills enable them to understand systems and find security breaches, a process known as hacking. When the term...
Honeypot: A honeypot is a security measure used to detect, analyze, and defend against cyberattacks. It is a deliberately vulnerable system or software that is meant to appear attractive to attackers....
HTTP 400 error: HTTP status codes are used for communication between web servers and clients to provide information about the status of a request. An HTTP 400 error: Bad Request is an HTTP...
HTTP 403 error: The display of an HTTP 403 error informs the user that there was an error with a website request. If your web browser displays a 403: Forbidden code instead of...
HTTP 404 error: One of the most common errors encountered on the Internet is the HTTP 404 error code. It indicates that the desired page or requested file is no longer available. If...
HTTP 500 error: The display of an HTTP 500 error is not uncommon when surfing the Internet. Many error codes, such as the HTTP 404 error, signal a clear problem and are therefore...
HTTP 504 error: The HTTP 504 error is a common phenomenon in the online world, not only for website visitors but website operators too. While the error message itself is very well known,...
HTTP and HTTPs: HTTP and HTTPS: What is the difference? The HTTP and HTTPS protocols are important for communication on the Internet and are therefore terms often encountered while browsing the net. But...
HTTP Cookie: An HTTP cookie, often simply referred to as a cookie, is a small text file created by a website that is stored on the user's computer. It contains information, including...
HTTP Flood DDoS attack: Web applications are a central part of business operations for organizations of all sizes. The availability of these applications is therefore crucial, but their ubiquity also means they are repeatedly...
Hybrid Cloud: A hybrid cloud is a cloud computing model that combines both private and public cloud environments. This model enables the orchestration, management, and use of IT resources across different cloud...
i
IDP (Identity Provider): An identity provider (IDP) is a service or platform that manages and verifies digital identities. IDPs authenticate users by verifying their credentials and then issue authentication tokens that enable secure...
Immutable Infrastructure: As the name implies, “Immutable Infrastructure” refers to IT infrastructure that does not change. When an organization uses II, it sets up infrastructure parts like servers and Docker containers and...
Information Security Management System (ISMS): An Information Security Management System (ISMS) is a systematic approach to managing and protecting sensitive information within an organization. Its purpose is to ensure the confidentiality, integrity and availability of...
Infrastructure as Code (IaC): Infrastructure as Code (IaC) is the provisioning and management of computing infrastructure from machine-readable definition files. IaC not only includes traditional infrastructure such as servers and virtual machines, but also...
Infrastructure-as-a-Service (IaaS): Infrastructure as a Service (IaaS) is a cloud computing model that provides basic IT infrastructure resources via the internet. IaaS enables companies to rent computing power, storage space, network capacity...
Internet of Things: The Internet of Things (IoT) is a term used to describe the networking of Internet-enabled, intelligent devices. These devices communicate with each other to automate processes and measure, collect, and...
Intrusion Detection System (IDS): An intrusion detection system (IDS) is a security mechanism that monitors and analyzes network or system activity to detect suspicious behavior or unauthorized access. The main objective of an...
Inventory Hoarding: Inventory hoarding, also known as inventory denial, is a critical threat faced by web applications, particularly those offering online purchases or reservations. This attack involves hostile bots manipulating inventory, attempting...
IP address: An IP address (Internet Protocol Address) is a unique numeric identifier assigned to each device or machine on a computer network. This address is used to identify devices that use...
IP fragmentation attacks: IP fragmentation attacks – how do they work? To understand IP fragmentation attacks, it is important to understand IP fragmentation first. IP communication is used to exchange data packets on...
IP Routing: IP routing is an essential process in computer networks. In short, it is the method by which networks route data packets from a source to their destination within an IP...
ISO 27001 Certification: The ISO 27001 certification is an international standard for information security management systems (ISMS). It was developed by the International Organization for Standardization (ISO) in collaboration with the International Electrotechnical...
IT baseline protection: IT baseline protection is a framework developed in accordance with BSI specifications (German Federal Office for Information Security). Its purpose is to help organizations achieve an appropriate level of security...
IT Compliance: Compliance in IT is a fairly complex subject. It refers to the observance of legal, regulatory and industry-specific rules and regulations that affect the handling of information, data, systems and...
IT Infrastructure: An IT infrastructure refers to the entirety of hardware, software, network components, operating systems, and data storage required to provide and manage IT and telecommunications services in an organization. This...
l
Load Balancing: Load balancing is a technique that aims to distribute the workload evenly among multiple resources such as servers, processors or network connections. The main goal is to use the available...
m
Machine Learning: Machine learning is a subfield of artificial intelligence (AI) that deals with the development of algorithms and models. These enable computers to learn from experience and perform tasks without having...
Man-in-the-middle attack: A man-in-the-middle attack (MitM) is a type of cyberattack in which the attacker secretly takes over or intercepts communications between two parties without the parties involved realizing. The attacker gets...
MaRisk - Minimum requirements for risk management: The Minimum Requirements for Risk Management (MaRisk) is a regulatory requirement issued by the German Federal Financial Supervisory Authority (BaFin). These regulations apply to banks, financial service providers, and insurance...
MTLS (Mutual TLS): Mutual TLS (mTLS) is an extension of the TLS protocol that enables mutual authentication between a client and a server. In a typical TLS connection, only the server confirms its...
Multi-factor authentication (MFA): Multi-factor authentication (MFA) is a security measure that requires users to provide two or more pieces of evidence (factors) to confirm their identity before gaining access to an online account,...
n
Negative Security Model: Cybersecurity is a complex field that requires constant attention; keeping current on a myriad of evolving attack types, selecting and adopting constantly-changing technology, and so on. The need to stay...
Network Port: A network port is a virtual point in a computer network where network connections begin and end. It is a software-based construct that is managed by an operating system to...
NIS-2 Directive: The NIS-2 Directive is a revised version of the European Union's Network and Information Security Directive (NIS Directive). It was introduced to strengthen the existing cybersecurity framework and increase member...
NTP amplification attack: An NTP amplification attack is a form of distributed denial of service (DDoS) attack that uses the Network Time Protocol (NTP) to multiply data. The attacker sends fake requests to...
o
Open Source: The term "open source" refers to software or technology where the source code is freely available to the public and can be collaboratively edited, improved, and shared by a community...
OSI Model - Network Layer: What is a Network Layer? (OSI Model Explained) In the cybersecurity world, threats are often described as targeting a specific layer. But what does that actually mean? The idea of...
OWASP Top 10: OWASP stands for "Open Web Application Security Project" and is a global non-profit organization focused on improving web application security. OWASP aims to create awareness for that type of protection...
p
Patch: A patch is a software update or small program designed to fix errors (also called "bugs") in a software application or operating system. Patches are also used to add new...
Pentest: Pentest: How does it work? In the field of IT security, a penetration test, or pentest for short, is a desired, commissioned test for vulnerabilities in IT infrastructure. As such,...
Phishing: What is Phishing? Phishing is a cyberattack in which fraudsters use fake communications, such as e-mails, text messages, or websites, to steal personal information from bona fide users. The main...
Ping (ICMP) flood DDoS attack: A Ping flood DDoS attack, also known as an "ICMP flood attack", is a form of denial of service (DoS) attack in which an attacker attempts to overload a target...
Platform-as-a-Service (PaaS): Platform-as-a-Service (PaaS) is a cloud computing model that provides a platform on which developers can develop, run, and manage applications without having to worry about the underlying infrastructure. PaaS provides...
Positive Security Model: What is the best approach to web application security? For many years, the negative security model was the basis of all Web Application Firewalls (WAF). Today, this is being supplanted by the...
Privacy Shield: The Privacy Shield, also known as the EU-US Privacy Shield or EU-US Privacy Shield Framework, was an agreement between the European Union (EU) and the United States (US). It was...
Private Cloud: A private cloud is a type of cloud computing infrastructure that is used exclusively by a single company or organization. It is hosted either internally (on-premises) or by a third-party...
Proxy: A proxy is a server that acts as an intermediary between an end device, such as a computer, and the Internet. When a device establishes an Internet connection via a...
Public Cloud: A public cloud is a model of cloud computing in which resources, such as computing power, storage and network services, are provided by an external service provider via the Internet...
r
Ransom DDoS: What is Ransom DDoS? When cybercriminals combine a DDoS attack with a ransom demand, this is known as a ransom DDoS attack (RDDOS). The damage in such a case can...
Ransomware: Ransomware: A Tool for Cyber Blackmail Blackmail by anonymous cybercriminals is an acute threat to companies of all sizes. Hackers also target administrations and government authorities. Only a comprehensive approach...
Ransomware/DDoS combined attack: DDoS attacks as a dangerous smokescreen Distributed denial of service attacks are currently on the agenda throughout Europe. However, due to the current situation, such attacks are no longer only...
Rate Limiting: Rate limiting is a defensive strategy for spreading network traffic. It involves setting an upper limit on how often users or applications can perform an action within a defined timeframe....
Reverse Proxy: A reverse proxy is a type of proxy server that acts as an intermediary between external requests from the Internet and the servers running on an internal network. This is...
s
SASE (Secure Access Service Edge): SASE (Secure Access Service Edge) is a network and security concept coined by Gartner in 2019. It combines network and security functions in a cloud-based architecture to meet the requirements...
Scam: Scam is an English term that stands for fraud or swindle. It refers to a form of deception in which fraudsters attempt to harm other people through fraudulent actions or...
Scrubbing Center: A scrubbing center (also called a traffic scrubbing center) is a type of facility or service used in information and network security. It filters out malicious traffic from a network...
Secure DNS: What is Secure DNS and Why Do I Need it? Secure DNS infrastructure is an essential component of any cybersecurity program. Unfortunately, DNS exploits get far less media attention than...
Security Information and Event Management (SIEM): In the complex and constantly evolving world of cybersecurity, it is essential for companies to have a comprehensive overview of their security situation. Security Information and Event Management (SIEM) is...
Single Sign-On (SSO): Single sign-on (SSO) is an authentication technology that allows users to log in once and access multiple applications, services, or systems. SSO is designed to improve user experience, increase security,...
Skewing: In cybersecurity, skewing refers to the targeted manipulation of data to distort the results of analysis or machine learning models. This type of attack is often referred to as a...
Slowloris: Slowloris is a type of DDoS attack in which the attacker attempts to overload a web server by holding multiple concurrent connections. The attack works by the attacker opening a...
Smurf DDoS attack: A Smurf DDoS attack is a form of distributed denial of service (DDoS) attack that floods networks and servers with an enormous number of Internet Control Message Protocol (ICMP) packets....
Software-as-a-Service (SaaS): Software-as-a-Service (SaaS) is a cloud-based software distribution model in which applications are provided as a service via the Internet. Instead of installing copies of the software on individual computers, users...
Spam: Spam refers to unwanted communication, usually in the form of emails sent in bulk, that often contain advertising, phishing attempts, or malware. These messages are typically sent without the consent...
Spear Phishing: Spear phishing is a targeted form of phishing in which attackers target specific individuals or organizations. Unlike general phishing attacks, which are widely distributed to a large number of recipients...
Spoofing: The concept of spoofing focuses on the deception of true identity or origin by an attacker to impersonate another person or entity. This deceitful technique can be applied at different...
SQL Injection: SQL injection (SQLi) is a type of cyberattack in which an attacker inserts malicious SQL code into a database query to manipulate the underlying database of a web application system....
SSL (Secure Sockets Layer): SSL (Secure Sockets Layer) is a standard security technology that establishes an encrypted connection between a web server and a browser. This connection ensures that all data transmitted between the...
Supply Chain Attack: A supply chain attack is a type of cyberattack in which attackers exploit vulnerabilities in a company's supply chain to gain access to sensitive data, systems or networks. Instead of...
SYN flood attack: A SYN flood attack is a form of Denial of Service (DoS) attack in which the attacker attempts to disable a server or network by overloading it with SYN packets....
t
TCP/IP: TCP/IP stands for Transmission Control Protocol/Internet Protocol. The term refers to a suite of communication protocols that enable computers to communicate with each other over a network such as the...
TLS (Transport Layer Security): TLS (Transport Layer Security) is a protocol designed to ensure the security of data communication on the Internet. It is used to encrypt and secure data transmission between servers, clients, and...
Tor Browser: The Tor Browser is a free, open-source web browser based on Mozilla Firefox. It was developed to protect the privacy and anonymity of users when surfing the Internet. The name...
Transmission Control Protocol (TCP): The Transmission Control Protocol (TCP) is one of the main protocols of the Internet. It is used to transfer data between computers on a network in a secure and reliable...
Trojan horse: A Trojan horse is a type of malicious software that masquerades as harmless or useful software in order to sneak onto a computer system undetected. Once installed, it can perform...
u
UDP Flood DDoS Attack: A UDP flood DDoS attack is a type of denial-of-service (DoS) attack in which a large number of User Datagram Protocol (UDP) packets are sent to random ports on a...
UEBA (User and Entity Behavior Analytics): UEBA (User and Entity Behavior Analytics) is a security solution that uses technologies and methods to monitor and analyze the behavior of users, applications, and devices within a network to...
v
Virtual Machine (VM): A virtual machine (VM) is a software-based simulation of a computer system. It allows an operating system and associated applications to run in an isolated environment on a physical host...
VPN (Virtual Private Network): A Virtual Private Network (VPN) is a technology that creates an encrypted connection between a device and the internet. It protects data from unauthorized access, hides the IP address, enables...
w
WAAP: WAAP (Web Application and API Protection) is a security technology designed to protect web applications and API services from various types of threats. These attacks can include exploits that take...
WAN (Wide Area Network): A Wide Area Network (WAN) is a network that covers a large geographical area. It is used to connect various smaller networks, such as Local Area Networks (LANs) or Metro...
Web application: A web application, also known as a web app, is a software application that runs on a web server and is accessible via a web browser on the user's end device....
Web Application Firewall (WAF): A Web Application Firewall (WAF) is a type of firewall that specializes in protecting web applications from various security threats. In contrast to traditional firewalls, which filter and control data...
Web Application Security: Web application security is the process of protecting web applications from Internet threats. Traditionally, this is provided by a WAF: a web application firewall. What is a web application? A web...
Web Crawler: A web crawler, also known as a spider or a bot, is an automated program or script that systematically visits websites. Its main goal is to collect and index information...
Web Scraping: In the world of digital information, a fascinating technique can help us deal with the sheer quantity of information on the Internet: web scraping, which can be used to read...
Whaling: Whaling is a form of cyberattack in which the attackers impersonate high-ranking executives or other authority figures to obtain sensitive information or money from companies or individuals. Unlike phishing, which...
z
Zero Day Exploit: A zero day exploit is an attack tool that exploits a previously unknown security vulnerability in software or hardware. This vulnerability is not known to the developers and users at...
Zero Trust: Zero Trust marks a new way of thinking in IT security. With this IT security approach, the focus is on protecting the boundaries of the company. Here, the focus is...