Free/Opensource Tools -
- IT GRC Asset Management
Some functions can be used for technical controls to policy enforcement
OTRS http://www.otrs.com/en/
Redmine http://www.redmine.org/
Mantis http://www.mantisbt.org/
- IT GRC Risk Management
GLPI http:
Free/Opensource Tools -
Here is a comprehensive checklist to Evaluate SIEM Vendors. We highly appreciate this community contribution.
by Sunil Soni, CISO, Punjab National Bank
Vendor Selection Framework For Integration Of Threat Intelligence With SIEM
Key Selection Cr
Here's a list of World's Best and Most Popular IT Security Conferences. Details such as Tentative Time, Pass Price and Locations are mentioned so you can plan your Calendar.
Top IT Security Conferences In The World:
1. Black Hat
Claims to be the mo
Technical Skills:
Major Areas Of Focus:
Conceptual (Understand How-It-Works):
The next leap second (the 26th) will be on 30 June 2015. The last one was on 30 June 2012.
What Is It?
Earth's rotation around its own axis is slowing down, so we need to leap a few seconds to catch up. Occasionally seconds are added to UTC to comp
CISO Platform Launches India’s First Ever Study Of The Salary Of Cyber Security Professionals
New Delhi, Bangalore, India, June 4, 2015: CISO Platform, an online community for senior IT Security Professionals, announces the official launch of its co
Gaana.com, one of the popular music streaming services, got hacked. It is reported that 10 million usernames, email addresses, MD5-hashed passwords, dates of birth, and other personal information have been stolen.
It is reported by their CEO that the
We had a long and nice week at RSA Conference 2015 in San Francisco. Some of you might have missed the event, or missed some of the good talks even though you were there, so we have handpicked the best of RSA just for you.
Important Note:
The RSA expo floor is the madness that we love. The fringes are more interesting to me than the center. If you want to spot the new, go to the fringes. We tried to have a bit of fun this year by analyzing the buzzwords as seen on the expo floor.
How we di
I am on my way back from RSA Conference 2015 @ San Francisco. It is a cloudy day in New York. Perfect day to write a quick blog. Here's my interpretation of Amit Yoran's talk with a bit of my thoughts poured into it.
Taller walls won't solve the pro
Quick Glimpse
Fairly technical content with demos where Jacob Holcomb speaks on Internet Of Things, Threat Mode
2014 has been a great year at CISO Platform. We had around 1500 new senior executives joining the platform and published 120 new articles on security. Here are some of the best ones from 2014.
This is a great Man-in-the-Browser attack webinar (15 min), hosted by CISO Platform, that briefly points out the risks and recommends some fixes. It is presented by the CTO at Iviz. MiTB being particularly important for banking and finance Industry
Contrary to the common belief that 'Windows is very insecure', Microsoft has been very proactive in security. Apple iOS has a great deal of security too, built in from scratch, as described in the iOS security document. Here are the few
BadUSB — On accessories that turn evil by Karsten Nohl
Karsten Nohl is a cryptographer and security researcher
This talk introduces a new form of malware that oper
Ants and Elephants in the CISO's Office by Paul Rain
I will show how ISO 9001 and ISO 27001 can be used together to deliver business value and demonstrate
From a recent webinar, I gathered the most notable parts into organized sub-parts. This is the first part, wherein the major hardware threats and my insights on them are described. Below is the exact portion of the webinar discussing the ha
A concise primer on forensics for a beginner or a security expert: an insight into an actual solution achieved through forensics. The problem states that a PGP message intercepted by a RAT needs to be decrypted without the actual key. The process is br
The Heartbleed bug was a catastrophic vulnerability in the widely used OpenSSL TLS implementation. This talk at the CISO Platform Annual Summit will give background on how the Heartbleed bug was found by Cod
Cyber Safety in Cars and Medical Devices by Beau Woods, creator of the IoT Security Framework. We are adopting connected, computerized technology faster than we are able to secure it. When this technology is integrated into life and safety systems, bits
We are hosting an exclusive Best of the World Talks session on "Practical AI In Cybersecurity" featuring Anton Chuvakin (Security Advisor at Office of the CISO, Google Cloud) & David Randleman (Field CISO at FireCompass).…