Cyber security is an important concept, and its importance is increasing daily in every aspect of our daily lives. The increase in technology usage areas and rate in online platforms is one of the most important reasons for the security requirement. Today, the active use of information technologies is seen in many sectors, such as health, tourism, education, transportation, communication, and banks. Companies operating in these sectors may suffer severe financial losses, and their reputations may be damaged in case of possible cyber-attacks. This situation makes corporate information security an important topic. Cyberattacks on companies can be implemented with various methods and techniques. It can be grouped as social engineering, physical attacks, and web application attacks. In this study, cyber-attack threats that institutions are exposed to were examined. The study aims to investigate the possible attacks that can be carried out on institutions. As a result of these examinations, it is a resource that provides an understanding of the importance of cyber security.

Keywords - Cyber Security, Corporate Information Security, OWASP

[1] Akyıldız, M.A., Evaluation of Penetration Tests with Applications in Cyber Security. Süleyman Demirel University, Graduate School of Natural and Applied Sciences, Department of Electronic Communication Engineering, Master Thesis, 2013.

[2] Aytekin, A., Evaluation of Turkey's cyber security strategy and action plan, Gazi University, Institute of Informatics, Department of Information Systems, Master Thesis, 2015.

[3] Arda, E., A Real-Time System Proposal on Awareness, Detection and Prevention of Attack Threats in the Cyberspace Environment. Baskent University, Graduate School of Natural and Applied Sciences, Department of Computer Engineering, Master Thesis, 2020.

[4] Yaşar, H., Threats to Corporate Cyber Security and Fighting Methods: An Action Plan Example. Gazi University, Institute of Informatics, Department of Management Information Systems, Master Thesis, 2014.

[5] Yılmaz, S., The Importance of Software Quality Processes in Providing Cyber Security. Gazi University, Informatics Institute, Department of Computer Science, Master Thesis, 2015.

[6] Yıldırım, Y.E., Cyberattacks on information systems and providing cyber security. International Occupational Sciences Symposium, Ankara University, 2018.

[7] Şentürk, M.Y., Current Cyber Attack Methods, Penetration Testing Tools and Application on a Representative Corporate Network. Turkish Aeronautical Association University, Department of Electrical and Computer Engineering, Electrical and Computer Engineering Program, Master Thesis, 2018.

[8] Özbay, R., Active cyber defense techniques and performance analysis. Afyon Kocatepe University, Graduate School of Natural and Applied Sciences, Department of Internet and Information Technologies Management, Master Thesis, 2015.

[9] Aytekin, A., Evaluation of Turkey's cyber security strategy and action plan, Gazi University, Institute of Informatics, Department of Information Systems, Master Thesis, 2015.

[10] Aydoğdu, D., Gündüz, M., A Research on Web Application Security Vulnerabilities and Security Solutions, International Journal of Information Security Engineering, Volume 2, 1-7, 2016.

[11] Bahuguna, A., Bisht, R.K., Pande, J., Roadmap amid chaos: cyber security management for organizations. 9th International Conference on Information Processing, Communication and Network Technologies, 1-6, 2018.

[12] Fussell, R.S., Protecting Information Security Availability via Selfadapting Intelligent Agents. Military Communications Conference, IEEE, 2005.

[13] Aşan, H., Gökşen, Y., A Tool for Security and Process Efficiency in Web Applications: DEBSA. Atatürk University, Journal of Economics and Administrative Sciences, 2020.

[14] Salahdine, F., Kaabouch, N., Social Engineering Attacks: A Survey, Future Internet, MDPI, 2019.

[15] www.owasp.org/www-project-top-ten., Accessed time: 18.11.2021.

[16] https://vulners.com/d0znpp/D0ZNPP: BB56737687F42F8AF85734B9ECA05C33., Accessed time: 28.12.2021.

[17] Bach-Nutman, M., Undestanding the Top 10 OWASP Vulnerabilities, Bournemounth University, United Kingdom, 2020.

[18] www.cve.org/About/Overview., Accessed 07.12.2021.

[19] Devi, R., Kumar, M., Testing for Security Weakness of Web Applications using Ethical Hacking. Fourth International Conference on Trends in Electronics and Informatics (ICOEI 2020).

[20] Agrafiotis, I., Nurse, J., Goldsmith, M., Creese, S., Upton, D., A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate, Journal of Cybersecurity, 2018.