Advanced Threat Protection (ATP) is used to protect against sophisticated, highly skilled, well funded and motivated threat actor . The solution uncovers advance threats across Endpoints, Network, Email and Cloud. These solutions are used to detect advanced persistent threats that existing controls are not able to detect or are simply not capable of doing it.

Advance threat protection is not about a single security solution, It is about a combination of security…

An emerging technology, Endpoint Detection and Response (EDR) constitutes a set of tools and solutions that enterprises use to detect, investigate and mitigate suspicious activities on hosts and endpoints. The term was originally called as Endpoint Threat Detection and Response (ETDR) but it is more popular as EDR.

Threat Intelligence Program is a set of people, process and technology which enables you to proactively Identify, collect, enrich and analyze threat information, strategic and tactical, so that your organization is ever ready to defend and respond to any kind of cyber attacks. Threat intelligence as applied in conventional security is  any information that helps you tune your security defenses, build an effective response program for any contingency and also if required take preemptive…

A common question is why should we get a third party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits like traditional financial audits are better done by outside companies with no bias and partiality to anyone or anything within your organization. Another reason to hire a security testing company is that one may find it difficult to hire and retain Penetration Testers.…

Capital One data breach affected over 106 million people, 140,000 Social Security numbers, 80,000 bank account numbers,1,000,000 Social Insurance Numbers ... The breach had taken place about 4 months back however it took some time before the breach was realised, in-fact it took an external tip for Capital One to realise something had happened.

The legal case built was quite interesting. Before I share the legal case link heres a short summary just in-case you dont know…

This is a summary of the panel discussion at Security Symposium & Cyber Sentinel Award by Infocon global. The panel discussion was moderated by Jitendra Chauhan (Head of Engineering at FireCompass) along with Balaram (CISO, Manthan), Ananth Kumar Ms (Head-IT Assurance & Security, Janalaxmi Financial Services), Sumanth Naropanth and Ramakrishna Roy.…

The Marriott fine of $ 124 Million comes right after a record fine of $230 million imposed by ICO on Monday following the British Airways Data Breach. The ICO's investigation found that the British Airways breach exposed personal data for 500,000 customers. It involved attackers installing malicious code on British Airways's site that rerouted customers to a phishing site that stole their personal details and payment card details.…

The cloud adoption is everywhere.. everyone is doing it, but that doesn’t mean they’re doing it right. CompTIA reported recently that 90 percent of companies are using cloud computing in some form. 

The CISO Platform Playbook Round Table discussion happened with 34-40 CISOs across metros along with VMware. The discussion was driven by Bikash Barai and the inputs from the discussion have been put together (CISO names are not provided based on privacy…

We created "CISO Platform 100" with the vision to recognise those who are making a difference to the world of security. Top 100 Influencers on an average have over 68170 followers on twitter in which some of the Top Influencers have over 3,81,304 followers. Top 100 influencers are divided into 4 categories – CISO, Tech Leaders, Ethical Hackers and Media/Analyst. 

As a part of our …

There is a steep rise in interest from the Board & CEO of an organization to understand the security posture of their company. Partly because of the increasing pressure from the government regulators, stakeholders & discussions on the potential risk of individual liability for corporate directors who do not take appropriate responsibility for oversight of cybersecurity.…

Not having real time view of your dynamic digital footprint and the risks it is introducing, leaves an organization in the dark and serves as a low hanging fruit for attackers to use this exposed information to fuel their malicious attacks. Understanding the impacts of Shadow IT can be crucial.…

The Forrester Wave™ Guide on Web Application Firewall, Q2 2018, is a detailed guide that helps you understand the 33 criteria & How To Use To Effectively WAF, Forrester Wave, helps in Measure Up WAF Vendors which is developed by Forrester for evaluating web application firewall vendors. 

In this evaluation, Forrester has identified 10 most significant ones - Akamai Technologies, Amazon Web…

With the increased growth in the usage of the internet, mobile applications, and the Internet of Things, applications become ubiquitous but their security is low key. Deploying an effective WAF will be one of the baseline measures organizations can take to protect themselves from breaches and secure their customers.…

Security Technology Adoption Report 2018 is a study by CISO Platform in association with FireCompass. This survey was conducted online and the results discussed in the report are based on the responses of CISO’s across the country. There are more than 395 data points from across the country.…

Deep Web is the internet that cannot be accessed through standard search engines or the pages that are not indexed in any way.

Top 3 Misconceptions About the Deep Web

Deep Web & Dark…

2018 started with our community meets for Security Priority Planning for 2018.. and through our live survey we gathered some interesting insights. Technologies that are part of Key Focus Area for a CISO in 2018 are Security Analytics, SOC Implementation/ Upgradation, 3rd Party Risk Management, Awareness & Education, Vulnerability Management, Managing Advanced & Targeted Threats, Threat Intel Program, Incidence Response Program, Cloud Virtualization, Privacy, Cyber Resilience…

Top 10 Emerging Technologies in 2018:

2018 started with our community meets for Security Priority Planning for 2018.. and through our live survey we gathered some interesting insights. Most votes (in percentage) were for network behaviour analytics, Security Orchestration, Cyber Risk Insurance, Secure DevOps & UEBA(User & Entity Behaviour Analytics). Technologies like MDR, Deception, Container Security,…

Enterprise mobility management suites connect mobile devices to enterprise workflows while supporting the perpetual growth in device numbers and types. Professionals responsible for mobile and endpoint strategies, must maintain focus on near- and long-term goals in this dynamic segment. 

>> …

Everybody has logs and that means that everybody ultimately will have to deal with them—if only because many regulatory mandates prescribe that. In this guide, Dr. Anton Chuvakin will analyze the relationship between SIEM and log management, focusing not only on the technical differences and different uses for these technologies but also on architecting their joint deployments. In addition, he will provide recommendations for companies…

Deception is a very useful and effective tactic to detect and evade threats in many situations. The modern cybersecurity situation is one such example.

This book explains cybersecurity deception and technologies in six short chapters which includes:…