Ensuring the application security is not only the priority for technology companies, but also for users themselves who expect both an uninterrupted performance and prevention from an unauthorized access. Getting familiar with the list of possible threats of an application, taking them into consideration at the beginning of the designing stage, implementing appropriate steps as well as conducting tests on a regular basis – these are the key elements of building an actual application security.


Security needs to be prepared, implemented and what is the most important – updated. In this respect it is a process, not a one day, one time activity. A good practice, in order to realize how essential and complex this process is, is to familiarize oneself with a list of guidelines of OWASP. In the programming environment it is known as ”Open Web Application Testing Guide”. This list of guidelines is created by software developers from around the world.


As an example, one of the 10 most common mistakes in application security on the Internet is the exposure of sensitive data, such as credit card numbers, passwords or birth dates – so called A6. Sensitive Data Exposure. What happens is that when someone calls out an error in an application, instead of showing him for example a page error „”Error XYZ”, we disclose the whole configuration and a block of the application’s structure. In this way we give him an indirect access to our system.


Another common threat is an injection of an outside code to our application – so called A1 – Injection. In this way the hacker for example can become an admin of our platform or can freely load any account with a prepaid.


That is why it is important first of all to realize the possible threats and afterwards to perform not only internal security tests on a regular basis, but also penetration tests (pen tests). The latter ones, mostly because of the fact that they are performed by external companies which approach our product as professional hackers and let us be ensured that the application is resistant from attacks and errors.


Łukasz Gajos - CTO, Transparent Data

  • system security during the planning stage
  • good practices for using OWASP
  • source code security
  • sensitive data exposure
Veeam backup logo
Grey Wizard cyberbezpieczeństwo logo
Instytut Bezpieczeństa Danych Osobowych logo
Transparent Data logo


Schedule a visit at a convenient time for you. Learn about our standards and comprehensive approach to the security of your data and applications!


We’ve prepared an educational path around the Data Center 2 to let our current and future customers, as well as partners see how the data center which meets the highest security standards is operated. Come and see for yourself how much we can do for you!



Due to our security policy it is possible to schedule a visit at Data Center 2 not earlier as 7 days after request.


Each person requesting a visit will receive an email with information about our facility security requirements and regulations, which should be signed before the educational path around the Data Center.


Persons who fail to comply with these formalities will not be able to take an educational tour.


I hereby agree to the processing of my personal data by Sp. z o.o. to complete the submitted request in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 - also known as the General Data Protection Regulation (GDRP). The providing of the personal data is voluntary, however it is necessary for processing the request.
I hereby agree to receive marketing information by email from about its products and services, promotions and events in accordance with the Act of 18 July 2002 – on provision of digital services (Journal of Laws 2017, item 1219 with subsequent amendments). The providing of the personal data is voluntary.

The data controller is Sp. z o.o. ( with a registered office at A. Kręglewskiego 11, Poznań 61-248.