Social Network For Security Executives: Network, Learn & Collaborate
We use security products to secure our systems and our businesses. However, the very security products we use, can themselves have vulnerabilities which can leave us susceptible to attacks. We conducted a study recently to understand the vulnerability trends in security products.Read further to know more on what we discovered this time around.
How was the research conducted?
We started off with some survey on the internet to find something closely related to…Continue
Added by bikash on May 24, 2013 at 1:00pm — No Comments
1. Run Time Application Security Protection (RASP)
Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc and there is a great scope for a lot of these security features being built into the application so that it can protect itself during run time.
RASP is an integral part of an application run time environment and can be implemented as an extension of the…Continue
Added by bikash on May 14, 2013 at 6:30pm — No Comments
A common question is why should we get a third party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits like traditional financial audits are better done by outside companies with no bias and partiality to anyone or anything within your organization. Another reason to hire a security testing company is that one may find it difficult to hire and retain Penetration…Continue
Added by bikash on May 14, 2013 at 6:00pm — No Comments
What is SAST?
SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.
What is DAST?
DAST or Dynamic Application Security Testing is the process of testing an application during its running state. In…Continue
Added by bikash on May 14, 2013 at 4:00pm — No Comments
Safe Penetration Testing – 3 Myths and the Facts behind them
Penetration testing vendors will often make promises and assurances that they can test your Web Applications safely and comprehensively in your production environment. So when performing Penetration Testing of a Web Application that is hosted in a Production Environment you need to consider the following myths and facts which can directly or indirectly end up causing you…Continue
Added by bikash on May 14, 2013 at 3:30pm — No Comments