HTTPS. You’ve heard of this right? Think of it as your guardian encryption angel while you’re browsing the web, protecting you from all the evil gremlins that want to steal your data. You can spot whether it’s active on a particular webpage by looking at the URL. At the start of the web-address it should both show the https text and a lock/secure sign to ensure that you’re fully protected as you’re transmitting data over the internet.

Picture the scene. Just another day at work. Sipping coffee, reading documents. Suddenly, you get an email notification. There’s been a data breach in your company’s network. Another email. Apparently, you’ve been in violation of something called ISO27001. What on Earth is that? What does it mean? Another email – this one is a notification of a fine. You open it. How much? Hundreds of thousands of pounds.

Picture the scene. You’re at work at your local hospital, sorting through tables of sensitive patient data on your network’s PCs. Suddenly, a red screen flashes on your monitor. All of your information disappears. You hear shouts as people are screaming that life support machines are starting to malfunction. This isn’t some sort of horrific dream. This literally happened just this week.

XSS Code exploits. Sounds like something out of The Matrix, right? Nope. It’s very much reality, and the chances of you getting hurt by one are increasing exponentially with every day that passes. So, what is it? XSS stands for “cross-site scripting” and is a type of computer security vulnerability typically found in web applications.

Injections. I don’t know about you, but I’ve always had a fear of needles. But at least when you got an injection off the NHS, it tended to improve your health! Code injections on the other hand are far more malicious. Injection is used by an attacker to introduce (or "inject") code into a vulnerable computer programme and change the course of execution.