Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » PCI DSS » XSS


Cross-Site Scripting (XSS) is a security vulnerability which allows a cyber threat actor to inject malicious code into a web page viewed by other users to steal their sensitive information or perform unauthorized actions. The attacker exploits the vulnerabilities in the website’s code and then injects scripts that can be executed in the website users’ browsers. The cyber threat actors use XSS attacks to steal login credentials, credit card details, session tokens, and more to perform fraudulent activities.

Additional reading

security compliance management

Security Compliance Management: Goals and Best Practices

Imagine this. You’re a top executive in the finance department of the company. One day, you receive an email from your CEO’s email address explaining in great detail a scenario that resulted in him not being able to login to one of your databases. Nothing really seems to raise an alarm. The domain name looks…
Benefits of ISO 27001

Five Benefits of ISO 27001 Certification

The ISO 27001 certification can help your organization add to its security posture and make it formidable and armed to fend off security breaches, security incidents and cyber-attacks.  Having a ISO 27001 certification demonstrates your compliance with global best practices regarding information security and evinces trust in your customers’ ecosystem regarding your data security practices. …

SOC 2 vs NIST: What’s the Difference?

The world of the cloud has enabled the B2B environment with agility, interoperability, integration capabilities, and more. But, this also demands increased security abilities to protect the confidentiality and integrity of sensitive data and comply with the globalcom standards. Often choosing the right compliance framework to demonstrate this becomes a blocker for business owners. Choosing…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.