Internet Security Auditors Blog

OWASP Top 10 for LLMs: The 10 risks that turn an AI-powered application into a new attack surface.

OWASP Top 10 for LLMs: The 10 risks that turn an AI-powered application into a new attack surface.

Internet Security Auditors

IA GenIA OWASP TOP10 LLM

Apr 9, 2026 11:05:35 AM

For a while, the conversation around generative AI security revolved almost entirely around jailbrea...

Introduction to the Cyber Resilience Act (CRA): Cybersecurity as a Product Requirement

Introduction to the Cyber Resilience Act (CRA): Cybersecurity as a Product Requirement

Kristiyana Dinkova Georgieva

CRA Law CRA Compliance Assessment and Support

Apr 8, 2026 12:37:30 PM

The constant increase in the digitalization of European society and the economy has positioned produ...

Authenticated Scans: The Key to a PCI DSS Certification Without Surprises

Authenticated Scans: The Key to a PCI DSS Certification Without Surprises

Internet Security Auditors

PCI Compliance ASV Scans Authenticated Scans

Mar 23, 2026 12:35:32 PM

The security of cardholder data is constantly evolving to face new threats; the latest version of th...

Implementation of the NIS2 Directive: Relationship and Synergies with ISO 27001

Implementation of the NIS2 Directive: Relationship and Synergies with ISO 27001

Mar 20, 2026 12:11:16 PM

Although we are still awaiting the official publication of the NIS2 Directive in Spain—which will es...

From “Shadow IT” to “Shadow AI”: the new ghosts haunting information systems

From “Shadow IT” to “Shadow AI”: the new ghosts haunting information systems

José Antonio Prieto

CISO-as-a-Service Data Protection AI

Mar 20, 2026 11:06:35 AM

The shadow of the ghost: Shadow IT Since the mid‑20th century, with the arrival of the first commerc...

PCI DSS Scope and Segmentation Guide: Strategies for Modern Network Architectures

PCI DSS Scope and Segmentation Guide: Strategies for Modern Network Architectures

Gabriela S. Córdova

Mar 13, 2026 1:23:09 PM

Proper implementation of scope and segmentation controls is essential to protect payment card data a...

Implementation of an AIMS (ISO/IEC 42001:2023)

The new era of responsible AI: how to implement an IMS with ISO/IEC 42001

Javier Roberto Amaya

Implementation of an AIMS ISO 42001 IA

Mar 11, 2026 3:46:07 PM

Artificial Intelligence (AI) has evolved from laboratory experiments to critical business systems, c...

Privacy and Security in Voice Assistants (Part I)

Privacy and Security in Voice Assistants (Part I)

José Antonio Prieto

Data Protection

Mar 6, 2026 12:46:58 PM

Over the past decade, voice assistants have gradually become part of our daily lives, in some cases ...

Privacy and Security in Voice Assistants (Part II)

Privacy and Security in Voice Assistants (Part II)

José Antonio Prieto

Data Protection

Mar 6, 2026 11:45:20 AM

In the first part of this article, we reviewed the timeline of the key milestones in the emergence o...

From A01 to A10: What the New OWASP Top 10 Reveals About Today’s Security Landscape

From A01 to A10: What the New OWASP Top 10 Reveals About Today’s Security Landscape

Edwin H. Garzón

Intrusión Test

Feb 2, 2026 12:14:31 PM

The OWASP Top 10 is a technical document that summarizes the most critical risks to web application ...

We celebrate 25 years building digital trust

We celebrate 25 years building digital trust

Internet Security Auditors

Jan 23, 2026 11:27:15 AM

Internet Security Auditors will reach a milestone in 2026 that fills us with pride: our 25th anniver...