All Blog Posts (1,007)

(Breach) NASA Hacked : Why It Happened & What Can You Learn?

(NASA Hacked) On 21 June, 2019 major news channels disclosed a major hack on NASA. Hackers were able to gain unauthorized access using a Raspberry Pi, stole ‘Mars Mission Data’ and breached ‘NASA’s satellite dish network’. This happened around April 2018 and went unnoticed for almost a year. It is advisable to do an attack surface analysis for an organization to have a know-how of all the access and assets.…

Added by pritha on July 11, 2019 at 1:13pm — No Comments

Cloud Governance Model - Areas of Risk & Counter Measures Required

Cloud computing is transforming businesses across the globe, and the entire enterprise infrastructure is moving to the cloud. With accelerating adoption of cloud, organizations are increasing their attack surface, and infrastructure security in cloud computing is an issue given the hyper-connected nature of the cloud.

The below checklist has been created by Nitish Goyal, Information Technology Risk Office at Ocwen (many of…

Added by Priyanka Aash on July 4, 2019 at 2:30pm — No Comments

(Playbook Round Table) Cloud Security Architectural Trends: Zero Trust, Micro-segmentation & more

Cloud adoption is everywhere. Everyone is doing it, but that doesn’t mean they’re doing it right. CompTIA reported recently that 90 percent of companies are using cloud computing in some form.

The CISO Platform Playbook Round Table discussion happened with 34-40 CISOs across metros along with VMware. The discussion was driven by Bikash Barai and the inputs from the discussion have been put together (CISO names are not provided based on privacy…

Added by CISO Platform on July 2, 2019 at 4:00pm — No Comments

10 Areas of Risk in Enterprise Cloud Security Controls across Infrastructure

Cloud computing has transformed every business across the globe, from basic tools to enterprise applications. The entire enterprise infrastructure is moving to the cloud. With accelerating adoption of cloud, organizations are increasing their attack surface, and infrastructure security in cloud computing is an issue given the hyper-connected nature of the cloud.

The below checklist has been created by Nitish…

Added by Priyanka Aash on July 2, 2019 at 2:00pm — No Comments

(Best Of The World Webinar) Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps

This presentation will address all the relevant information about default security postures achieved by using the -aaS model. This session will be a unique opportunity to hear from Murray Goldschmidt, renowned DevSecOps expert, explaining the key items to achieve a secure deployment from build through ongoing continuous deployment, particularly for CI/CD DevOps environments.

Key Points To Be Discussed:

- Learn the…

Added by pritha on June 16, 2019 at 3:00pm — No Comments

(Webinar) How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Disclosures and more..

Breaches are at an all-time high. In this webinar, learn the do's and don'ts of handling breach disclosure: best practices for setting up a bounty program, how to respond to responsible disclosures, and lessons from the industry.

Key Points To Be Discussed:

- How to build a vulnerability disclosure program?

- What are the various types of vulnerability disclosure programs?

- When and when NOT to…

Added by pritha on June 16, 2019 at 3:00pm — No Comments

Top Learning from RBI & SEBI Cyber Security Framework Circular

RBI & SEBI have recently notified the Banks and Stock Brokers/Depository Participants and published a cyber security framework to be deployed. Here is a consolidated learning compiled by us, and you can also access the detailed frameworks from here…

Added by pritha on June 13, 2019 at 12:00pm — No Comments

A Guide to Choosing a Next-Generation Firewall

Now that we have examined the differences between traditional firewalls and the next generation firewalls (NGFW), let's look at five of the top NGFW solutions from Cisco, CheckPoint, Fortinet, WatchGuard and Dell (SonicWALL).

It is important to note that these five vendors were selected as they were highlighted in the most recent industry reports; they're not the only NGFW vendors on the market today and enterprises have other…

Added by Meghana P on June 10, 2019 at 2:00pm — No Comments

How to handle breach disclosures? Bug Bounty, Coordinated Vulnerability Disclosures and more...

We wanted to share an alert with all the community members.

Yesterday the HCL data breach was made public by a security research organization and is now in the news. We wanted to share some best practices on how to handle such situations.

Dos & Don'ts On How To Handle Such Situations

  • Create A Public Page: Create a public page on how researchers can disclose…

Added by pritha on May 23, 2019 at 3:49pm — No Comments

Webinar: 5 Shocking Results From Hidden Internet - Exposed Database, Leaked Passwords, Code Leaks & more

In the recent past there have been some major breaches, and some key reasons responsible for them were Shadow IT, Leaked Credentials and 3rd Party/Vendor Risks. Major breaches happened at American Express, Uber, Dropbox, Dunkin Donuts, British Airways & many more. The FireCompass product & research team continuously monitor the web (surface, deep, dark) to understand the leaked credentials, pattern of data loss etc... this…

Added by pritha on April 26, 2019 at 5:30pm — No Comments

A Cautionary Tale about Next Generation Firewalls…

Businesses and organizations are fielding more & more next-generation Information Security technologies to reduce their risks from advanced persistent threats and as they leverage cloud capabilities. Unfortunately, we see our customers falling into a common Information Technology and general acquisition trap: Significantly underestimating the complexity, cost, and time to complete the Next Generation Firewall (NGFW)…

Added by Meghana P on April 4, 2019 at 2:27pm — No Comments

Threat Intelligence - Do We Understand It ?

Threat Intelligence - It is the one word we all have heard various times recently. The subject has been under constant scrutiny for a while now, but do we understand it? Moreover, since it has been viewed very differently from different viewpoints of various security professionals, to start with let’s get to the crux of it. The ultimate goal is to provide a binary answer to the question, “Do I have a compromised system in my…

Added by Aditya Khullar on March 12, 2019 at 11:30am — No Comments

A Basic Guide To Update & Prepare For CESG - CAS(T)

BASIC GUIDE TO CESG - CAS(T)

BY: MANOJ VAKEKATTIL

ISO27001:2013LA, CISM, CCNA, MCITP, ITIL-V3 CERTIFIED

OVERVIEW

CESG Assured Services for Telecommunication – CAS(T)

CAS(T) is a certification scheme for clients providing telecommunication services. The scheme supports the government Public Services Network (PSN), which requires all telecom services procured by public sector bodies be assured to suitably protect…

Added by Manoj Vakekattil on March 11, 2019 at 1:30pm — No Comments

DEVSECOPS – THE WHAT, WHY, AND HOW?

DevSecOps, or the blending of an enterprise’s applications development and systems operations teams in collaboration with security, has become a trendy IT topic. The new operating model is often employed in conjunction with Agile software development methods and leverages the scalability of cloud computing — all in the interest of making companies more nimble and competitive. Today CIOs/CISOs should revise DevOps to include a security module from the beginning. Investing in firewalls and…

Added by Aditya Khullar on March 11, 2019 at 1:11pm — No Comments

(Sneak Peek) RSA Innovation Sandbox 2019 | Top Cyber Security Companies

The RSAC Innovation Sandbox Contest brings out cybersecurity’s boldest new innovators who have made it their mission to minimize infosec risk. Each year, 10 finalists grab the spotlight for a three-minute pitch while demonstrating groundbreaking security technologies to the broader RSA Conference community. Over the past five years, the contest's top 10 finalists have received over $2.05 billion in investments. (Source :…

Added by pritha on March 7, 2019 at 8:30pm — No Comments

(Free PPTs) Top Talks @ SACON - 2019 !

Get free access to the presentations by Dr. Phil Polstra, Wayne Tufek, Madhu Akula, Anant Shrivastava, Shomiron Das Gupta, Wasim Halani, Sahir Hidayatullah, Sudarshan Pisupati & more. SACON is one of the largest Security Architecture Conferences in the APAC region. With 500+ participants, this was the 6th edition of SACON and here are a few highlights we wanted to share with you. It was held on 15-16th Feb, Bangalore, India.…

Added by pritha on February 28, 2019 at 4:30pm — No Comments

Secure your Gmail, Hotmail & Dropbox with 2-Factor Authentication

Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically your password and the other is a security code, a time-based One-Time Password (OTP).

Two-step verification is an additional security measure which is now enabled on Personal Email Accounts, Social Media etc., e.g. iCloud, Gmail, Hotmail,…

Added by Prasad on February 28, 2019 at 9:00am — No Comments

(CISO Platform Annual Summit 2019) From The Hidden Internet : Lessons from the 12 Months of Monitoring

Speakers

Jitendra Chauhan, PR Architect, Firecompass

Detailed Presentation:…

Added by Nazia on February 27, 2019 at 5:45pm — No Comments

(CISO Platform Annual Summit 2019) Scaling Appsec Program With Cyber Range

Speakers

Ed Adams, CEO, Security Innovation

Satish Janardhanan, Head Of Application Security, Accenture

Detailed Presentation:…

Added by Nazia on February 27, 2019 at 5:41pm — No Comments

CISO Platform Annual Summit, 2019 Highlights

The CISO Platform Annual Summit in Bangalore last week saw 150+ attendees over 2 days, making the spirit of knowledge sharing and learning a huge success among the Information Security Executives of India. Here are the highlights of the awesome keynotes, electrifying Turbo sessions and some great knowledge-boosting training sessions.

It was held on 15th & 16th Feb, Taj Yeshwantpur, Bangalore, India.…

Added by Nazia on February 27, 2019 at 5:30pm — No Comments


© 2019 Created by CISO Platform.
