Explore the world
of Cybersecurity

  • Penetration Test

    When Java Web Start won’t listen: bending a JNLP app to your proxy

    Davide Ornaghi

    Pentesting isn’t always about sleek tools and shiny APIs. I recently faced a legacy Java Web Start app hidden behind a VPN-accessed PAM portal—and it flat-out ignored all my proxy settings. Neither JVM flags nor OS-level variables worked, and to make matters worse, it was running on Windows. By forcing proxy usage at the socket level and decoding both Fast Infoset and Java-serialized SOAP, I managed to break through the layers and uncover serious client-side trust flaws.

  • Application security - EU Directives

    NIS2 Directive: The Second Phase of the Implementation Process Begins

    Valentina Sona

    On April 10, 2025, the National Cybersecurity Agency (NCA) launched the second phase of the NIS2 Directive implementation process, notifying organizations that registered in the first phase of the classification assigned to them.Based on over 30,000 registrations, NCA identified more than 20,000 organizations in Italy as NIS entities. Among them, over 5,000 have been classified as essential entities.In this article, I’ll clarify the notifications, what they contain, and the timelines for the organizations involved.

Discover how we can help you

Together, we’ll find the best solutions to tackle the challenges your business faces every day.