
What Is Cross-Site Scripting?

Cross-Site Scripting (XSS) is a web security vulnerability that happens when cybercriminals inject client-side scripts into web pages accessible by other users. These scripts compromise the web page and allow cybercriminals to inject malicious scripts into a user’s browser, leading to the exposure of data, session hijacking or manipulation of the web page’s content and functionality.

Top 5 Challenges and Solutions in Managing Third-Party Risks

Whenever an organization outsources part of its business process to an outside party, it introduces various risks to the primary organization. Third-party risk management refers to how organizations address and mitigate security risks across their entire library of vendors and suppliers. Unfortunately, third-party risk exposure can be difficult to manage and comes with many challenges organizations must address for an effective third-party risk management program.

Office 365 Security Review | Get your Office 365 Security Reviewed Today

Are you looking for an Office 365 security review? Our team provides comprehensive security reviews of your Office 365 environment. Learn how our testing approach can identify common issues and ensure your data is kept safe while also gaining the most from all the features and benefits that Office 365 services offer. Get in touch with us today and see why an Office 365 security review is essential for businesses of all sizes!

AWS Penetration Testing Service | Secure Your Cloud Infrastructure

Are you looking for a reliable and comprehensive AWS penetration testing service? Look no further! We provide comprehensive penetration testing services for the AWS ecosystem tailored to your needs. Learn from our experts about common vulnerabilities and how we approach penetration testing in different areas. Understand the benefits of using our service so you can make an informed decision for your security needs. Watch now to learn more about our AWS Penetration Testing Service!

Securing Your SaaS with Our Comprehensive Security Testing Service

Secure your SaaS applications from malicious attacks with our comprehensive SaaS Security Testing Service. Learn how our expert team of SaaS security testers will assess and uncover vulnerabilities in your software and recommend solutions to keep your business safe. Discover the benefits of testing your software to reduce risk and improve customer experience. Find out more about our SaaS Security Testing services today!

Mobile Application Penetration Testing Service | Secure Your App Now

Are you looking for a reliable and comprehensive mobile application penetration testing service? Look no further! Our team of experts is providing the ultimate security for your mobile applications. Learn more about our efficient pentesting approach and the common vulnerabilities to look out for. Discover the key benefits of utilising our mobile application penetration testing service today! Service quality underpins everything we do.

Predicting the stability of security ratings over time

The concept of ratings has been the accepted standard for making investment decisions. The first commercial credit reporting agency, the Mercantile Agency, was founded in 1841. It relied on largely subjective methods of evaluation, and it wasn’t until the 1960s, when credit reporting became computerized, that the industry consolidated and took off. Since then, credit and financial ratings models have progressed to become objective and trustworthy data points that inform lending decisions.

API Abuse - Lessons from the Duolingo Data Scraping Attack

It’s been reported that 2.6 million user records sourced from the Duolingo app are for sale. The attacker apparently obtained them from an open API provided by the company. There’s a more technical explanation available here. While we talk a lot about the vulnerabilities in the OWASP API Top-10 and the exploits associated with those vulnerabilities, this incident provides a good reminder that not all vulnerabilities are flaws in code. In fact, this API was working as designed.

SPF & DMARC

If you’re not particularly techy, these acronyms may not mean much, but you can easily make checks, even if you can’t implement the fix! Read on… One of KEEP’s consultants recently assessed a client (CNI) where only 55% of their domains had the necessary SPF and DMARC configurations in place correctly. This misconfiguration allows attackers (at minimum) to easily spoof email and target your users. If you do nothing else this week, check the basics!