VScanner's Knowledge Base
  • Welcome to VScanner Documentation
  • VScanner API
    • Introduction
    • Authentication
    • Vulnerability Scanner
      • Scan Preferences
      • Scan Features
    • Subdomain Finder
    • PDF Report Generation
  • FAQ (Frequently Asked Questions)
    • Account & Subscription
      • Can I change my subscription at any time?
      • Can I delete my account at any time?
      • Which payment methods does VScanner accept?
    • Scans & Reports
      • Can I export the scan result to PDF?
      • I fixed the vulnerabilities found on the last scan, how do I run a new one?
      • How often can I run a scan?
      • How long will it take for a scan to complete?
      • What is a target on VScanner?
      • How to scan a website on VScanner?
      • How does VScanner work?
    • Web Security Vulnerabilities
      • How to protect from cyber attacks?
      • List of OWASP TOP 10 vulnerabilities for 2021-2022
      • What are the most common vulnerabilities on websites?
      • How to fix - Broken Access Control
      • How to fix - Extension Vulnerabilities
      • How to fix - Plugin Vulnerabilities
      • How to fix - CMS Vulnerability
      • How to fix - Weak HTTPS Configurations
      • How to fix - Invalid HTTPS Certificates
      • How to fix - Session Failure
      • How to fix - Validation Failure
      • How to fix - Authorization Failure
      • How to fix - Weak Authentication
      • How to fix - Sensitive Data Exposure
      • How to fix - Cross-Site Request Forgery (CSRF)
      • How to fix - Local File Injection (LFI)
      • How to fix - Remote File Injection (RFI)
      • How to fix - Cross-Site Scripting (XSS)
      • How to fix - Command Injection
      • How to fix - SQL Injection
Powered by GitBook
On this page
  • Denial of service attacks(DoS)
  • Phishing attacks
  • Social engineering attacks
  1. FAQ (Frequently Asked Questions)
  2. Web Security Vulnerabilities

How to protect from cyber attacks?

The three most commom types of attacks (not vulnerabilities) are DoS, Phishing and Social Engineering. You will find below suggestions and ways to protect yourself (and your business) from these types of attacks:

Denial of service attacks(DoS)

There are several ways to protect yourself from denial of service (DoS) attacks, some of which include:

  • Using firewalls: Using firewalls to filter inbound and outbound traffic and block malicious packets.

  • Use DDoS mitigation solutions: Use DDoS mitigation solutions, such as traffic cleaning services, to help absorb and redirect malicious traffic.

  • Use load balancing solutions: Use load balancing solutions to evenly distribute traffic and minimize the impact of a DDoS attack.

  • Continuous Monitoring: Constantly monitor the network to quickly detect and respond to any malicious activity.

  • Use incident management solutions: Use incident management solutions to quickly and effectively handle security incidents, including DDoS attacks.

  • Using proactive security solutions: Solutions such as artificial intelligence and machine learning, to detect and block threats before they can cause harm.

Phishing attacks

There are several ways to protect yourself from phishing attacks, some of which include:

  • Employee training: Provide regular employee training on how to identify and deal with phishing attacks.

  • Security Policies: Establish clear security policies for employees, including rules for handling suspicious emails and calls.

  • Identity Verification: Verify the identity of persons requesting confidential information through external means such as emails or phone calls.

  • Use security tools: Employ security solutions such as spam filters and identity verification systems to defend against social engineering attacks.

  • Don't Share Complacent Information: Avoid clicking on links or downloading attachments from unfamiliar sources, even if they look legitimate, as they may contain malware.

  • Do not click on links or download attachments from unknown senders: Exercise caution when asked for personal details such as credit card numbers, passwords, social security numbers, or significant dates.

  • Check the URL: Make sure the website URL is legal and trustworthy

Social engineering attacks

There are several ways to protect yourself from social engineering attacks, some of which include:

  • Employee Training: Provide regular employee training on how to identify and deal with social engineering attacks.

  • Security Policies: Establish clear security policies for employees, including rules for handling suspicious emails and calls.

  • Identity Verification: Verifying the identity of persons requesting confidential information through external means such as emails or phone calls.

  • Use security tools: Use security tools, such as spam filtering software and identity and access management solutions, to help protect against social engineering attacks.

  • Don't Share Confidential Information: Avoid sharing confidential information with people you don't know unless you've verified their identity.

  • Do not click on links or download attachments from unknown senders: Do not click on links or download attachments from unknown senders, even if they look legitimate, as they may contain malware.

  • Do not provide personal information: Do not provide personal information such as credit card numbers, passwords nor social security numbers or important dates.

PreviousWeb Security VulnerabilitiesNextList of OWASP TOP 10 vulnerabilities for 2021-2022

Last updated 11 months ago