Veille en sécurité et services d'experts

Le Blog

Recherche sur les menaces, actualités de sécurité de dernière minute et retours de terrain de l'association.

Architecture

Zero Trust Architecture: A Pragmatic Guide for 2026

Zero Trust is sold as a product but it is an architecture. Here is a realistic, identity-first roadmap to implement it without rebuilding your network overnight.

Davide Conti12 juin 2026 · 3 min
Offensive Security

What Is Penetration Testing? Types, Process & Benefits (2026 Guide)

A complete, practitioner-led guide to penetration testing in 2026: the main types, the five-phase process, what a strong report looks like, and how to choose a provider.

Sara Bianchi22 juin 2026 · 6 min
Offensive Security

VAPT vs Penetration Testing: What's the Difference?

VAPT and penetration testing are often confused. Here is exactly how they differ, when to use each, and how to combine them into one effective security program.

Marta Ferri16 juin 2026 · 6 min
Application Security

The OWASP Top 10 (2026): A Practical Developer's Guide

A practical, developer-focused walkthrough of the OWASP Top 10 web application risks — what each category means, how attackers exploit it, and how to prevent it.

Luca Romano9 juin 2026 · 5 min
Threat Research

Anatomy of a Modern Ransomware Attack — and How to Break the Kill Chain

From initial access broker to double extortion, we trace the full kill chain of a modern ransomware intrusion and pinpoint where defenders can break it.

Marta Ferri3 juin 2026 · 6 min
Governance

ISO 27001 Certification: A Step-by-Step Roadmap

A clear, step-by-step roadmap to ISO 27001 certification: scoping the ISMS, risk assessment, the Statement of Applicability, internal audit and the certification audit.

Elena Rossi29 mai 2026 · 6 min
Cloud Security

Cloud Security Best Practices for AWS, Azure and GCP

The cloud security fundamentals that actually prevent breaches across AWS, Azure and GCP: identity, configuration, network design, logging and workload hardening.

Davide Conti20 mai 2026 · 5 min
Emerging Threats

Securing the AI & LLM Supply Chain: Prompt Injection and Beyond

Models, prompts, retrieved documents and tools are now part of your attack surface. We map the new AI/LLM risks and the controls that actually help.

Luca Romano8 mai 2026 · 6 min