All Articles

Myth: - DLP is for IT and it is an IT Project |Truth: - DLP is for Business and it is a Business Project

DLP Solution is implemented by IT for the business with the close association of various business departments; DLP implementation requires strong

Static Code Analysis: Binary vs. Source

Static Code Analysis is the technique of automatically analyzing the application’s source and binary code to find security vulnerabilities. According to Gartner’s 2011 Magic Quadrant for Static Application Secu

Organization scramble to achieve high business growth often overlooked the underlying processes which are the core of any business operation. A manual process to handle employee separation process lead devastating circumstances. Most organization tak

This project mainly aims to have an enterprise wide ITAM (IT Asset Management) Systems and endpoint protection and also to maintain the hardware and software inventory. It also brought in centralized IT management and control mechanisms for polices e

Kotak Mahindra Bank has initiated the DLP implementation across all business units in a phased manner and the implementation was started 6 months ago with critical business units. The solution monitors all channels, viz. Internet, Email and End point

What is Shellshock Bug?

Shellshock is a security vulnerability(CVE-2014-6271) in the widely used Unix Bash Shell which was discovered by Stéphane Chazelas on 12 September 2014 and disclosed on 24 September 2014. Subsequently, various researchers have

Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so on

Recently, we were pentesting a Data mining and Analytics company. The amount of data that they talked about is phenomenal and they are planning to move to Big Data. They invited me to write a blog on state of the art, Big Data security concerns and c

Current Project Synopsis:

• Responsible for Information Security of next generation mobile and fixed broadband networks (LTE/WiFi/FTTx) with All-IP networks over a cloud based framework for B2C/B2B markets connecting 200 Million 4G LTE, 50 Million W

Achieved Solution Benefits

To mitigate risk

• Prevent access breaches through privileged accounts
• Monitor activities carried out by privileged users
• Enforce accountability for use of generic privileged accounts
• Enforce granular access restrictions as

This is the second compilation of Best Of Defcon 22 at a glance. The following Links will link you to the respective complete PPT. 

Important Note:

• All presentations are courtesy Defcon and is presented as-is without any modification
• Some of the des

Just had a hectic week at Defcon and Blackhat. Defcon is the largest gathering of hackers (and those interested in hacking) in the world. In the 22nd edition of the event there were nearly 15000 people from across the world who visited Vegas for Defc

PCI DSS – Stringent but Exhilarating to Implement (Project PCI DSS Implementation & Certification)

PCI DSS stand for Payment Card Industry Data Security Standard is a robust, comprehensive, technology driven, transparent, explicit standard to enhance

The Data Leak Prevention Project was rolled out in Lanco Infratech Ltd

• To protect its proprietary assets and business data against any loss or leakage
• To meet regulatory requirements as per the segment of industry.
• To increase awareness amongst the

Defcon 22, the largest conference for hackers with 15,000 attendees saw some of the most interesting researches in the field of security and hacking. From hundreds of talks, we have handpicked the top presentations which are relevant for security man

Vulnerability Management System was implemented as a practice within the Organization across the Global Business Unit (India, Middle East & Africa). The implementation included Vulnerability Assessment and Remediation. The assessment is made based

'Development of enterprise level Information Security Policies, Procedures and Standards' was an initiative to ensure we have an enterprise wide policy, procedures and standards for ensuring smooth Governance & Compliance of Information Security prac

How to Say “NO”

Why did I say, “Yes” when I really wanted to say No? You ‘d probably be asking this question every time you agree to another task. Even though you do not have time or resources to do something but you commit to another one. For example

We are safe, checking our software's for fallacy, for hacker's tricks. However we never think that the machine we run could be malicious itself. Their could be havoc if so happened, Prof. Indranil Sengupta(IIT-kgp) enlightens us about such threat and