All Blog Posts (1,343)

Dealing With Vulnerabilities in a Structured Fashion

The effectiveness of the cyber security portfolio of an enterprise depends on multiple factors. An efficient Vulnerability Management Program is one of the critical parameters to be considered. Considering the dynamic nature of the attack vectors, it is important to build defense in depth from scratch by adopting a holistic view. The biggest challenge in this arena is to have an effective measurable dynamic process followed…

Added by Lopa Mudraa Basuu on April 24, 2015 at 10:30am — No Comments

Information Security Awareness Mail of this week

Dear Colleagues,

“Balance Checking Software App” is a software application doing the rounds on WhatsApp, purportedly to facilitate checking of balance in customers' bank accounts. The Reserve Bank of India (RBI) on Saturday (11th April 2015) warned the…

Added by venkata ramesh uppalapati on April 20, 2015 at 4:00pm — No Comments

SAP NetWeaver ABAP Security Configuration Part 5: Insecure Settings

Each application has several security settings that do not fit into any of the critical issues groups mentioned in our series of articles. Among such settings there are both standard settings (such as password length or the number of attempts given to enter an invalid password) and individual settings specific to the system. In this article we are going to use as an example the SAP Gateway service access settings.

[EASAI-NA-15] Minimal…

Added by Alexander Polyakov on April 2, 2015 at 8:00pm — No Comments

Encryption and Decryption

The developers of the free & hugely popular encryption program dropped a bombshell at the end of May when they abruptly abandoned the project. The top of their website was emblazoned with the following message in red: "WARNING: Using our Software is not secure as it may contain unfixed security issues." It also said development of our software had ended after…

Added by Bharat Gautam on April 2, 2015 at 4:57pm — No Comments

How do you Measure Information Security in your Organisation?

What is your Information security posture? Is there a way to put a measurable score for information security? Can I set a SMART Infosec KPI? If these questions ever crossed your mind, then you are probably at the right place.

I try to address these questions by creating a Score Card for Information Security. Let's start with a Basic framework by collating all the Infosec related activities we do or wish to do to improve our confidence in our Systems and Processes. Allocate a weight to…

Added by Rahul on March 27, 2015 at 9:28pm — No Comments

Advanced Threats In The Enterprise

Watch Video: (Webinar) "Advanced Threats In The Enterprise"

( Read more:  Checklist to Evaluate a DLP Provider )

What will you…

Added by Sagar k on March 27, 2015 at 2:30pm — No Comments

SAP NetWeaver ABAP Security Configuration Part 4: Open remote management interfaces

Today we are going on with our series of articles where we describe the 33 steps to security. The subject is of great significance not only to a small group of SAP infosec specialists, but to all those people who work with ERP systems as recent years have witnessed an increased awareness of business data protection problems. Not to go into details, let us get right to the topic. 

The SAP NetWeaver platform includes not only the Dispatcher service…

Added by Alexander Polyakov on March 26, 2015 at 3:00pm — No Comments

Risks and Opportunities provided by Cyber Domain and Policy-needs to address the Cyber Defense

The term ‘Cyber Domain’ has been used widely by various experts, sometimes interchangeably with ‘Cyber Space’, to imply – “the global domain within the information environment that encompasses the interdependent networks of information technology infrastructures, including the internet and telecommunication networks” (Camillo & Miranda, 2011). Today it has become “the fifth domain of warfare after land, sea, air and space and it's a challenge to have a common definition of cyber Domain”…

Added by Sandeep Mittal, IPS on March 17, 2015 at 9:00am — No Comments

Intelligence Driven Security - SIEM & Beyond

Watch Video: (Webinar) Intelligence Driven Security - SIEM & Beyond

( Read more:  Checklist to Evaluate a DLP Provider )

What will you…

Added by CISO Platform on March 16, 2015 at 11:30am — No Comments

Pre-launch Preview: State of Security Technology Adoption in Enterprises - Annual Report 2015

We are happy to announce the results of the annual survey of Security Implementation Status and Industry Benchmarking, in which 410 companies have participated in the enterprise segment. This is a preview of the key findings on the implementation of various security technologies.

The data has been collected through the survey conducted online through the "5th Top 100 CISO Awards,…

Added by CISO Platform on March 12, 2015 at 5:30pm — No Comments

Highlights from Community Breakfast Series on CISO Platform Index (CPI) and Vendor Evaluation Checklist

We are thrilled to have received so many wonderful ideas and suggestions during the breakfast series specifically focusing on CPI findings. Here are the quick highlights!

What was the objective of the Community Breakfast?

  • Preview of CPI Findings: To present the findings and the rating done by the CISO Platform Community for various products until now. Security officers at the meet were the first to…

Added by pritha on February 25, 2015 at 1:30pm — No Comments

RIoT : Raiding Internet of Things

Watch Video: (Webinar) RIoT (Raiding Internet of Things)

(Read more:  Annual Survey on Cloud Adoption Status Across Industry Verticals)…

Added by pritha on February 23, 2015 at 2:17pm — No Comments

SAP NetWeaver ABAP Security Configuration Part 3: Unnecessary Functionality

Third critical area. Unnecessary functionality

What is the most common problem of any more or less complex application? In essence, they almost always have numerous unnecessary functions aimed to perform multiple tasks. 

Obviously, that makes the whole system vulnerable. The more functionality is available, the higher becomes the number of vulnerabilities. "Complexity Kills Security" 

More importantly, all those functions are enabled by default right from the…

Added by Alexander Polyakov on February 11, 2015 at 3:33pm — No Comments

SAP NetWeaver ABAP security configuration part 2: Default passwords for access to the application

Second critical category. Default passwords for access to the application



For the two previous weeks we’ve been discussing the top-9 critical areas and the 33 steps to be taken for security assessment. Ultimately, we’ve covered patch management flaws - the first critical category in our list. As you should have probably guessed, today it’s time we take a closer look at the next item from our list of critical issues - default passwords.

It is a wide reaching…

Added by Alexander Polyakov on February 2, 2015 at 9:30pm — No Comments

Big Data Security Challenges and Recommendations!

This is a great Big Data webinar (15 min), hosted by CISO Platform, that briefly points out the security challenges and also recommends some fixes. It is presented by the Head of Development at Iviz.

What will you learn:

- Key Insights on Existing Big Data Architecture

- Unique Security Risks and Vulnerabilities of Big Data Technologies

- Top 5 Solutions to mitigate these security challenges…

Added by pritha on February 2, 2015 at 5:30pm — No Comments

Man in the Browser Attacks on Online Transactions & Prevention Strategies

This is a great Man in the Browser Attack webinar (15 min), hosted by CISO Platform, that briefly points out the risks and also recommends some fixes. It is presented by the CTO at Iviz. MiTB is particularly important for the banking and finance industry.

What will you learn?



- Learn why MiTB attacks pose a high risk to online banking and why they are hard to detect

- How Man In…

Added by pritha on February 2, 2015 at 5:30pm — No Comments

Top Information Security Checklists, Guides and Articles that our members loved the most!





2014 has been a great year at CISO Platform. We had around 1500 new senior executives joining the platform and published 120 new articles on security. Here are some of the best ones from 2014.

Top Security Checklists & Guides:
 …

Added by pritha on January 31, 2015 at 6:00pm — No Comments

5 Real ways to destroy business by breaking SAP Applications

Watch Video:

5 Real ways to destroy business by breaking SAP Applications

Do you know where all the critical data of your company is stored? Is it possible for an attacker to commit sabotage or espionage against your company by breaking into…

Added by pritha on January 31, 2015 at 5:30pm — No Comments

Hacking Exposed: Why Current Security Solutions Fail

Here is an interesting webinar on the 'Insecurities of Security Products'. More often we consider the security vulnerabilities in products apart from security products. It is ironic how a product devised to provide security can also make you more susceptible to compromise. How-So will be demonstrated through a few examples.

3 Industry experts had joined us in this webinar-

  • Stuart McClure, Ex-CTO at McAfee & Lead author of 'Hacking…

Added by pritha on January 31, 2015 at 5:30pm — No Comments

BadUSB — On accessories that turn evil by Karsten Nohl

Watch Talk:

(Read more:  5 Best Practices to secure your Big Data Implementation)

BadUSB — On accessories that…

Added by pritha on January 31, 2015 at 5:30pm — No Comments
