Vulnerability monitoring of the website and IT applications is carried out by means of website scans.

The objective of the scans is to carry out the following checks:

• Vulnerability in CMS components.

This check involves analysing the CMS (Content Management System) for vulnerabilities. The check is performed not only on the CMS core, but also on the plug-ins and themes installed, in order to carry out a complete check.

The aim is to identify potential vulnerabilities in order to protect the website from simple attacks.

• Web software out of date and vulnerable

The objective of this check is to verify website and application vulnerabilities and to check that web software is updated to the latest available version.

Software updates include the correction of bugs that undermine user security. In addition, updates can add new features and remove obsolete ones. It is also examined whether malware, Trojans, and more generally other threats are present within the site or applications.

• Encrypted traffic with SSL certificate

This check aims to verify the correct encryption of data traffic.

Basically, these tools guarantee end-to-end encryption, which means that incoming and outgoing communications are encrypted.

Communications, including encrypted communications, pass through the proxy server, which accepts the encrypted connection coming from an 'end', decrypts the traffic, performs some operations, then returns and sends the traffic to its destination (another 'end').