June 2015 Blog Posts (14)

Top IT Security Conferences In The World - includes Def Con, Black Hat, RSAC, ShmooCon, SACON & many more

Here's a list of the world's best and most popular IT security conferences. Details such as tentative time, pass price and location are mentioned so you can plan your calendar.

Top IT Security Conferences In The World:

1. Black Hat

Claims to be the most technical and relevant global IT security conference in the world. Black Hat USA believes in…


Added by pritha on June 30, 2015 at 10:00pm — No Comments

Vendor Selection Framework For Integration Of Threat Intelligence With SIEM

Here is a comprehensive checklist to Evaluate SIEM Vendors. We highly appreciate this community contribution.

by Sunil Soni, CISO, Punjab National Bank

Vendor Selection Framework For Integration Of Threat Intelligence With SIEM…


Added by pritha on June 29, 2015 at 12:00pm — No Comments

Checklist: Skillset required for an Incident Management Person

Technical Skills:

Major Areas Of Focus:

  • Incident Response
  • Computer Forensics
  • Network Security
  • Secure Architecture

( Read More: CISO Platform…


Added by pritha on June 26, 2015 at 5:00pm — No Comments

SAP vulnerabilities highlighted in many Cyber Security Reports

Recently, HP published their yearly Cyber Risk Report 2015. Among the many typical topics spotlighted in this report, such as the growing number of ATM and IoT security events, we have found some parts that are relevant to business application security, which we are honored to share with our readers, customers and partners.

According to their report, HP Zero Day Initiative were busy coordinating the disclosure and remediation of over…


Added by Alexander Polyakov on June 25, 2015 at 7:41pm — No Comments

Chinese attack on USIS using SAP vulnerability - Detailed review and comments


On the 11th of May, a security headline broke in the news: an attack on USIS (U.S. Investigations Services), potentially conducted by Chinese state-sponsored hackers via a vulnerability in SAP software. Hackers broke into third-party software in 2013 to open personal records of federal employees and contractors with access to classified intelligence, according to the government's largest private employee investigation…


Added by Alexander Polyakov on June 25, 2015 at 6:30pm — No Comments

The Issues in Cyber-Defence and Cyber-Forensics of the SCADA Systems

The peace, prosperity and economic development of any nation depend upon its critical infrastructure and how well protected it is. These critical infrastructures are distributed physically and virtually in space and time. Supervisory Control and Data Acquisition (SCADA) systems are an important component of the process to control and monitor industrial and infrastructure processes 24/7. Initially, these SCADA systems were designed to run in an…


Added by Sandeep Mittal, IPS on June 24, 2015 at 6:32pm — 3 Comments

SAP Passwords part 2: SAP HANA Secure Storage. How it works

In our previous article we’ve already covered how SAP ABAP Security Storage works. Today’s post is dedicated to SAP HANA Security Storage.

SAP HANA is a recent key product of SAP. It is a software solution based on in-memory technology that significantly reduces data processing time.

This product has obviously caused excitement among large enterprises interested in…


Added by Alexander Polyakov on June 24, 2015 at 4:00pm — No Comments

Leap Second-Are You Ready For It?

The next leap second (the 26th) will be on 30 June 2015. The last one was on 30 June 2012.

What Is It?

Earth's rotation around its own axis is slowing down, so we need to leap a few seconds to catch up. Occasionally seconds are added to UTC to compensate for its drift from the Solar Mean Time or UT1. UTC (Coordinated Universal Time), which approximates UT1, is followed universally.…


Added by pritha on June 23, 2015 at 8:30pm — No Comments

Securing SAP Systems from XSS vulnerabilities Part 1: Introduction

With this article we are starting a new series of posts reviewing one of the most frequent vulnerabilities, which affects a lot of SAP modules: cross-site scripting, or XSS. XSS is by far one of the most popular vulnerabilities in all products and the most popular vulnerability in SAP products, with a total of 628 vulnerabilities, which is almost 22% of all vulnerabilities ever found in SAP during 12 years. You can find this in our latest research…


Added by Alexander Polyakov on June 17, 2015 at 3:45pm — No Comments

ERPScan warns SAP Clients about serious vulnerabilities in Microsoft affecting Afaria and other products

April 17, 2015 – As part of its monthly updates, Microsoft released security update MS15-034, which closes a vulnerability in the HTTP.sys driver that enables an attacker to execute arbitrary code on the OS remotely.

This update has a critical status as almost every modern version of Microsoft operating systems (Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2) is vulnerable.



Added by Alexander Polyakov on June 17, 2015 at 12:49pm — No Comments

SAP Mobile Platform Security: Introduction

Mobile devices are actively integrated into business processes. Companies have more and more business applications and mobile devices. Employees increasingly bring their own equipment to the workplace (BYOD policy – Bring Your Own Device) and gain access to critical corporate information.

SAP Mobile Platform (or SMP, formerly called Sybase Unwired Platform, or SUP) is a MEAP (Mobile Enterprise Application Platform) solution. SMP is used for monitoring…


Added by Alexander Polyakov on June 17, 2015 at 12:48pm — No Comments

How the deals change based on your browsing history or your login credentials?

Imagine you are on a shopping website or a travel booking website and you see a deal which is quite exciting, and you try to book it. Either you log in with your account on the website, or when you proceed to pay it gives a pop-up: “Oops”, the price just went up by x amount, and you end up paying the higher price, which turns out to be a deep hole in your pocket.


The amount YOU will be charged is due to a complex formula based on the condition of other items you've bought or…


Added by Anubhav Bathla on June 10, 2015 at 2:00pm — No Comments

End point Protection Solution-Some Points To Consider

End point Protection Solution:

Managing the endpoint is one of the key areas where security has to be built strongly. As this is the entry point, arresting threats at this level would help make our network stable. So data at rest (end storage), data during motion (connectivity) and data in use (endpoint) should be secured. Data in use is always under more threat than the others. In the present scenario, endpoint does not mean only desktop; it includes mobile, tab, thin client, etc. With boom…


Added by V.SENDIL KUMAR on June 10, 2015 at 1:30pm — No Comments

Comprehensive Salary Guide For Cyber Security Professionals: First Time Ever In India

CISO Platform Launches India’s First Ever Study Of The Salary Of Cyber Security Professionals

New Delhi, Bangalore, India, June 4, 2015: CISO Platform, an online community for senior IT Security Professionals, announces the official launch of its comprehensive…


Added by CISO Platform on June 6, 2015 at 11:30am — No Comments

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30. 0 Replies

Share the instances where you were able to convince the Executive management / board that the CISO function is an enabler rather than a hindrance. Thank you, Mahesh

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19. 2 Replies

(question posted on behalf of a CISO member) Has anyone evaluated digital signature (like Docusign), any specific risk/security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20. 4 Replies

(question posted on behalf of a CISO member) What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform? Related Question: …

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20. 12 Replies

(question posted on behalf of a CISO member) Due to the Corona virus, most organizations are allowing their employees to work from home. Has anyone issued a security advisory for work from home?

Tags: #COVID19
