Pritha's Blog (275)

Survey Analysis - Security Priority Planning Round Table, 2018

January 2018 started with 2 small community meets for Security Priority Planning for 2018. With 35+ members joining us in Bangalore & Mumbai, we gathered some interesting insights to share here.

Dates - 17th & 18th Jan, 2018…


Added by pritha on January 25, 2018 at 12:51pm — No Comments

SACON 2017 - Windows Forensic Workshop (Dr. Philip Polstra) Session Continuation

Continuation Sessions For Windows Forensic Workshop (By Dr. Philip Polstra)

Session 1

Continuation where we left off…


Added by pritha on November 23, 2017 at 11:30am — No Comments

SACON 2017 Keynotes & Speakers

Keynotes & Speakers…


Added by pritha on November 16, 2017 at 2:30pm — No Comments

(Free PPTs) Top Talks @ SACON 2017!

Get free access to the presentations by Moshe Ferber, Gregory Pickett, Murray Goldschmidt, Dr. Philip Polstra & more. SACON is one of the largest Security Architecture Conferences in the APAC region. With 400+ participants, this was the 4th edition of SACON, and here are a few highlights we wanted to share with you. It was held on 10th-11th Nov at Hotel Lalit Ashok, Bangalore, India.

We had with us Top Security Industry Leaders who helped…


Added by pritha on November 13, 2017 at 8:00pm — No Comments

Incident Response Process - Signs Of Compromise

Here are some indicators which will help you detect a compromise:

  • Identification of the same email sent from a public domain to a significant number of users, C-level employees or high-value targets; encrypted attachments, password-protected and zipped to escape the email malware filter (put the user in the reference list)
  • Endpoint alert / HIPS / host-based malware alerts for local script execution for the same user: raise an incident
  • Identify…

Added by pritha on September 19, 2017 at 4:20pm — No Comments

Top 8 Past Talks By Dr. Phil Polstra, Moshe Ferber, Gregory Pickett, Murray Goldschmidt & more @SACON

Top Past Talks By Moshe Ferber

Frequent Speaker at DEFCON, Blackhat, RSAC APJ, Royal Society London

Renowned Cloud Security Expert

1. From Zero To Secure In 1 Minute (Securing IaaS)

Conference : DEFCON 23

For complete presentation/slide : …


Added by pritha on September 12, 2017 at 12:00pm — No Comments

Technologies For Security Of BYOD

This article is a contribution by Chitranjan Kesari, AVP IT, Lodha Group for the information security community.

The need for flexibility, speed and information sharing means it is mandatory to maintain a robust security arrangement that can protect the data and offer the ability to stay connected. A reliable BYOD policy is required to help safeguard our network. BYOD is to develop a policy that…


Added by pritha on August 30, 2017 at 2:00pm — No Comments

How to design an effective phishing simulation?

This article was contributed by Sridhar Govardhan, CISA, CISM, CEH, General Manager-Cyber Security at Wipro

Phishing is a type of social engineering attack. Using a phishing email, the attacker cleverly manipulates the natural human tendency to trust others and tricks the victim into acting as instructed in the email. To be convincing, the fraudster will use…


Added by pritha on August 28, 2017 at 2:03pm — No Comments

Top 9 Past Security Talks By Dr. Phil Polstra

Dr. Philip Polstra

Author of 'Linux Forensic', 'Windows Forensic', 'Hacking & Penetration Testing With Low Power Devices' | Frequent speaker at DEFCON, Blackhat, BSides, GrrCON, ShakaCON | Renowned forensic expert

About: Digital forensics professor by day. Hardware hacker and penetration tester by night. Associate Professor, Digital Forensics at Bloomsburg University of Pennsylvania. Attended Northcentral University.

Dr. Phil Polstra shall be conducting a Hands-on…


Added by pritha on August 11, 2017 at 7:30pm — No Comments

Basics Of Cyber Kill Chain Model

Cyber Kill Chain Model 

In military strategy, a 'Kill Chain' is a phase model that describes the stages of an attack, which also helps inform ways to prevent attacks.

  • Situational Awareness - Ability to identify what is happening in the networks and system landscape
  • Reconnaissance - Identification and selection of the target/s host or network by active scanning
  • Weaponization & delivery -…

Added by pritha on July 14, 2017 at 10:00am — No Comments

NIST Aligned Process For Threat Management

This article highlights the Threat Management Process in Incident Response and brings in the understanding of the Kill chain model. Excerpts have been taken from a session presented at SACON - The Security Architecture Conference. You can view the full slide…


Added by pritha on July 13, 2017 at 12:30pm — No Comments

Top Learnings From Phishing Drill

Article submitted by Suryanarayanan K, Central Bank Of India

Phishing attacks are one of the most common security challenges that both individuals and organizations face in keeping their information secure. Phishing is the attempt to obtain sensitive information such as usernames, passwords, credit/debit card details etc., often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Phishing is typically carried out by email…


Added by pritha on July 9, 2017 at 2:30pm — No Comments

Advanced Security Operations Centre (SOC) - Features & Technical Capabilities

This gives a glimpse of Advanced Security Operations Centre (SOC) Features & Technical Capabilities. This document is not explicit; it assumes you have prior knowledge of the subject, so only pointers have been mentioned.

This was presented at SACON and speakers explain subjects in detail during sessions for deeper understanding. Next…


Added by pritha on July 2, 2017 at 4:00am — No Comments

Machine Learning & Analytics For Threat Detection

This gives a glimpse of how 'Machine Learning & Analytics' can be used for Threat Detection. This document is not explicit; it assumes you have prior knowledge of the subject, so only pointers have been mentioned.

This was presented at SACON and speakers explain subjects in detail during sessions for deeper understanding. Next sessions are…


Added by pritha on July 2, 2017 at 2:00am — No Comments

Google's BeyondCorp - Components & Architecture (A Quick Summary)

Components of Google BeyondCorp

Device & Hosts

  • Device: Collection of physical & virtual components that act as a computer. E.g. PC, Server, VMs
  • Host: Snapshot of a device state at a given point in time. E.g. a device might be a mobile phone, while a host would be specifics of operating system and software running on the…

Added by pritha on June 24, 2017 at 2:56am — No Comments

Application Threat Modeling: Types Of Threats

Here's a small classification of Types Of Threats In Application Threat Modeling. This was earlier presented in SACON (International Security Architecture Conference) by Nilanjan De [Multiple patents, Zero Day Discovery, Co-Founder at FireCompass]…


Added by pritha on June 20, 2017 at 12:30pm — No Comments

Comparing SIEM, Big Data & Behavior Analytics - Security Management Solutions

With advances in Big Data and Behavior Analytics, the need for an SIEM at the enterprise level may be in question. This report addresses that question. It analyses and dissects both sides and tries to identify their pros and cons.


Added by pritha on June 14, 2017 at 12:30pm — No Comments

Four Top Cyber Crime Trends - Recurring Trend In Cyber Security Incidents

This report gives insight into 4 key cyber security incident trends observed in 2015. Includes top insights and detailed analysis of each attack and how one could prevent their organisation from being a target as well as mitigation.


Added by pritha on June 14, 2017 at 12:00pm — No Comments

Incident Response: How To Classify Incidents Based On Their Severity?

Author - Sanjay D. Tiwari, CISO, Suryoday Small Finance Bank

Prioritizing the handling of the incident is perhaps the most critical decision point in the incident handling process.

Incidents should not be handled on a first come, first served basis because of resource limitations. Instead, handling should be prioritized based on severity. Prioritizing an incident defines how quickly it needs to be resolved.

Prioritization based on how quickly an incident to…


Added by pritha on June 6, 2017 at 7:00pm — No Comments

The Forrester Wave™: Information Security Consulting Services

In this report, Forrester identifies and analyzes 13 significant firms in IT security consulting services - Accenture, Atos, BAE Systems, Dell SecureWorks, Deloitte, EY, HPE, IBM Security Services, KPMG, Protiviti, PwC, Verizon & Wipro …


Added by pritha on June 1, 2017 at 5:00pm — No Comments
