Defcon is the time when I have no business meetings and am quite disconnected from the world. A good time to immerse myself in my own thoughts. Last week during Defcon @ Las Vegas, I was thinking about how difficult it is to build a secure system. We get amazed by hacking various stuff, but it is a lot more amazing to think how tough it is to build a secure…Continue
Added by bikash on August 14, 2014 at 9:30am — No Comments
(Source: Defcon 22-Las Vegas)
Added by CISO Platform on August 14, 2014 at 3:00am — No Comments
(Source: Defcon 22-Las Vegas)
Added by CISO Platform on August 14, 2014 at 2:30am — No Comments
Added by CISO Platform on August 14, 2014 at 2:23am — No Comments
Added by CISO Platform on August 14, 2014 at 2:15am — No Comments
The last fortnight has been really busy @CISO Platform Annual Summit, 2013. But taking into consideration the brainstorming sessions, the brimming CISOs, the altogether wonderful experience, it all seems worth it! Nevertheless, there are always great talks that we like to catch up on again any time!
( Read more: …Continue
Added by pritha on December 16, 2013 at 6:00pm — No Comments
A common question is: why should we get a third-party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits, like traditional financial audits, are better done by outside companies with no bias and partiality to anyone or anything within your organization. Another reason to hire a security testing company is that one may find it difficult to hire and retain Penetration…Continue
Added by bikash on May 14, 2013 at 6:00pm — No Comments
What is SAST?
SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.
What is DAST?
DAST or Dynamic Application Security Testing is the process of testing an application during its running state. In…Continue
Added by bikash on May 14, 2013 at 4:00pm — No Comments
Safe Penetration Testing – 3 Myths and the Facts behind them
Penetration testing vendors will often make promises and assurances that they can test your Web Applications safely and comprehensively in your production environment. So when performing Penetration Testing of a Web Application that is hosted in a Production Environment, you need to consider the following myths and facts, which can directly or indirectly end up causing you…Continue
Added by bikash on May 14, 2013 at 3:30pm — No Comments
The Internet has plenty of crackers, known as "black hats", who work to exploit computer systems. You also have white hats. When hackers are hired by companies to do penetration testing, it's legal, and they are known as white hats. In this section we profile five of the most famous and all-time favourite "black hat"…Continue
MIT got hacked. Anonymous defaced the MIT to protest against the case of “Aaron Swartz”.
Without getting into who really hacked or the “cause” behind the protest, I just wanted to dissect it as an interesting case of a multi-stage attack which proves that just securing your application is not good enough.…Continue
Hackers that use their skills for good are classified as "white hat." These white hats often work as certified "Ethical Hackers," hired by companies to test the integrity of their systems. Others operate without company permission by bending but not breaking laws and in the process have created…Continue
Added by CISO Platform on July 16, 2012 at 10:30pm — No Comments