Featured Blog Posts (151)

Cyber Security Considerations Regarding Telework or Remote Work Options in COVID 19

This blog is posted on behalf of Nilesh Gavali. As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to connect employees to an organization’s information…


Added by CISO Platform on April 8, 2020 at 4:01pm — No Comments

Check list for Work from Home Amidst COVID 19

This is posted on behalf of Ashish Khanna, Assistant Vice President - Corporate IT for EIH Limited (Oberoi Group).

Due to the coronavirus, most organizations are allowing their employees to work from home. Here is a checklist for work from home amidst COVID-19.

Check list for Work from Home Amidst COVID…


Added by CISO Platform on April 8, 2020 at 3:30pm — No Comments

Information Security Tips when Working from Home (COVID 19)

These Information Security Tips when Working from Home are posted on behalf of Bhushan Deo, CISO for Thermax Limited

Connection & Access

  1. Avoid connecting to unsecured Wi-Fi / networks for internet.
  2. Use…

Added by CISO Platform on April 8, 2020 at 3:49pm — 1 Comment

Covid-19 – Teleworking Guideline

By @NileshGavali, CISSP, Security+


As You all…


Added by Nilesh Gavali on March 22, 2020 at 8:30pm — No Comments

COVID 19 : Lessons Learnt (11 March 2020)

I have been involved in the response to COVID-19, which took the world by surprise, & during the last 2 months, I did several things at unprecedented speed.

I am putting together this article summarizing my lessons learnt & hope these will be useful for others. I would have liked to articulate more, but I am choosing to keep my sentences short & straightforward - exactly how you should communicate when you are dealing with infectious diseases.

So here are the lessons…


Added by Siddharth Sharad Padbidri on March 11, 2020 at 3:30pm — No Comments

CISO Platform Annual Summit, 2020 Highlights

We wanted to share with you some of the amazing moments from “Annual Summit, India 2020” @ Bangalore on 21 & 22 Feb. We had over 700+ attendees, including CISO and SACON attendees, sharing knowledge through Taskforce Presentations, Panel Discussions, Round Tables, Workshops and more, making the conference a huge success.…


Added by CISO Platform on March 3, 2020 at 10:30am — No Comments

Endpoint Detection and Response - A Guide

By @NileshGavali, CISSP, SecurityPlus


Today’s organizations face huge challenges securing and protecting servers, networks, and …


Added by Nilesh Gavali on February 28, 2020 at 4:50pm — No Comments

Nebula – walkthrough – EXPLOIT (level00)

Nebula : flag00

Hey guys, I just decided to solve the Nebula machine from Exploit Education.

I’ve also made a YouTube video about it which you can refer to.

Youtube link : https://youtu.be/9Xd28FjugM8…


Added by Prasanna V Balaji on February 18, 2020 at 4:30pm — No Comments

(Free PPTs) Top Talks @ SACON - 2020 !

Get free access to the presentations by Gregory Pickett, Nandan Nilekani, Andrea Marcelli, James Stanger, Jim Hietala, Shivangi Nadkarni, Monojit Choudhury, Srinivas Poosarla & more. SACON is one of the largest Security Architecture Conferences in the APAC region. With over 600+ participants, this was the 7th edition of SACON and here are a few highlights we wanted to share with you. It…


Added by pritha on March 3, 2020 at 4:30pm — No Comments

Becoming a Cloud Security Architect - my personal experience

A couple of weeks ago I was asked by my colleague to give him some clues and tips on how to become a Cloud Security Architect, as that's the venture he wants to follow and he knows I've been in architect-like roles for a while.

Knowing how much fulfillment one can get from a good career and work-life, I decided to sit down and write down some tips right away. I did share it with him, but then I looked at it myself and came to realize that instead of a few tips, I…


Added by Dawid Bałut on December 23, 2019 at 8:06pm — No Comments

9 Critical Capabilities For Digital Risk Protection Program

Digital Risk Protection (DRP) is a term possibly popularized or coined by Forrester to describe the market of tools and technologies to protect from the risks posed by externally facing digital assets. As per Forrester: “Most buyers (77%) are purchasing DRP tools as net-new solutions for their organizations (as opposed to replacing an existing capability). They’re adding DRP to their existing security technology stacks to better tackle digital risk activities — namely, to improve…


Added by CISO Platform on October 24, 2019 at 12:41pm — No Comments

A Dive into CEH

How do you prepare for CEH?

The first question that you should ask yourself is: why CEH over other certs?

Apart from CEH being a highly recognized cert, CEH gets you strong with your basics in the security domain; this branches out into different paths such as:

# Penetration testing (VAPT)

# Management Level roles 

# Audit level roles / Forensics 



Added by Prasanna V Balaji on December 13, 2019 at 4:21pm — No Comments

Dear Security Community, are we doing it right?

Compliance Vs Security:

Compliance does not always mean you are secure, totally agree. But that does not mean Compliance, Standards and Processes are useless; it is not as glamorous, but it works silently in the background. Compliance covers all the areas equally while performing risk assessments and improves the overall security baseline. E.g. periodic checks for access control and least privileges go a long way not only in…


Added by Santosh C on December 9, 2019 at 11:29am — 1 Comment

How to create an SPF TXT record?

Step 1: Collect all IP addresses that are used to send email

The Sender Policy Framework (SPF) gives the ability to authenticate your email and to specify which IP addresses are allowed to send email on behalf of the specific domain.

In order to successfully implement SPF, you first need to identify which mail servers are used to send email for your domain. These mail servers can be any sending organization; you should think of your Email Service Provider,…


Added by Priyank Sheth on December 17, 2019 at 4:00pm — No Comments

Progress Report & Volunteers - Kids Cyber Safety 2019

Our Mission

Children are amongst the most vulnerable in the cyber world, and we believe it is time for us to do something for our next generation.

At CISO Platform community, we have taken on a mission to help the kids. We are creating "Kid's Cyber Safety Week" on June 4 -10 to help train kids and their parents.

We need you to help to realize our vision. It would be…


Added by pritha on November 26, 2019 at 8:30pm — No Comments

Lean Information Security Team for a Product Organization

Generally, security team size would always be lean for any type, kind or size of organization :-). However, we are seeing a change in the trend, thanks to high-profile and increasingly sophisticated data breaches every other day and new privacy regulations being enforced across the world. I will try to summarize the key roles and responsibilities of the security team specifically for a cloud-based product organization.



Added by Santosh C on November 26, 2019 at 10:02am — 1 Comment

How mature is your Application Security Program?

Business applications are vital for the successful functioning of any organization. Therefore, managing their information security risks is just as important as the business itself. If I ask about the different measures you take to ensure the security of your applications, you might reply with a few initiatives such as periodic secure code reviews, external scans, vulnerability assessments & penetration testing and perhaps audits etc. But what if I asked how…


Added by Pushkal Mishra on August 30, 2019 at 7:00pm — No Comments

Learn More About the Key Use Cases Of Network ATP Technology

Advanced Threat Protection (ATP) is used to protect against sophisticated, highly skilled, well-funded and motivated threat actors. The solution uncovers advanced threats across Endpoints, Network, Email and Cloud. These solutions are used to detect advanced persistent threats that existing controls are not able to detect or are simply not capable of detecting.

Advanced threat protection is not about a single security solution; it is about a combination of security…


Added by CISO Platform on September 4, 2019 at 12:37pm — No Comments

How to choose your Security / Penetration Testing Vendor?

A common question is why should we get a third party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits like traditional financial audits are better done by outside companies with no bias and partiality to anyone or anything within your organization. Another reason to hire a security testing company is that one may find it difficult to hire and retain Penetration Testers.…


Added by CISO Platform on September 3, 2019 at 9:30am — No Comments

Top 10 SIEM Log Sources in Real Life?

[cross-post from Anton on Security blog]…


Added by Dr. Anton Chuvakin on August 27, 2019 at 4:00am — No Comments

© 2020   Created by CISO Platform.