Security Insights
A guide to compliance
NIS2 updates EU cybersecurity rules, clarifying responsibilities and raising the bar for protection across vital sectors.
Dec 21, 2023
Critical vulnerability in Kiesraad
A story about how we found a critical vulnerability in the Dutch Electoral Council (Kiesraad) development infrastructure.
Sep 12, 2023
Template Injection
Template Injection is a common issue in web apps. Here’s how it works, why it matters, and simple ways to handle it.
Dec 5, 2022
Local File Inclusion
Today’s spotlight: Local File Inclusion (LFI) vulnerability. Learn its impact, severity, and how to prevent this critical flaw.
Sep 19, 2022
Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) exploits trust in cookies to hijack user actions. Discover risks, impact, and prevention.
Aug 15, 2022
Cross-Site Scripting (XSS)
Cross-site scripting (XSS) is the #1 Bug Bounty finding on our platform. Discover why it’s so common and how to prevent it.
Aug 15, 2022
SQL Injection
SQL injection can expose or alter entire databases with a single query tweak. Here’s what it is and how to defend against it.
Jun 22, 2022
Insecure Direct Object Reference (IDOR)
Broken access control via IDOR can expose accounts and data. Learn how it happens, its impact, and how to mitigate it.
May 16, 2022
Kaseya ransomware attack
When Kaseya was hit by ransomware, DIVD had warned months earlier. We sat down with its volunteers to unpack what went wrong.
Aug 17, 2021
