All Articles

Contrary to the common man belief that 'Windows is very insecure', Microsoft has been very proactive in security. Apple iOS has a great deal of security too, it is described in its building from scratch in the iOS security document. Here are the few

Watch Talk:

(Read more:  5 Best Practices to secure your Big Data Implementation)

BadUSB — On accessories that turn evil by Karsten Nohl

Karsten Nohl is a cryptographer and security researcher

This talk introduces a new form of malware that oper

Watch Video:

(Read more:  Under the hood of Top 4 BYOD Security Technologies: Pros & Cons)

Ants and Elephants in the CISO's Office by Paul Rain

I will show how ISO 9001 and ISO 27001 can be used together to deliver business value and demonstrate

From a recent webinar, I gathered the very notably important parts into organized sub-parts. This is the first part wherein the major hardware threats and my insights on them are described. Below is the exact portion of the webinar discussing the ha

A concise primer to Forensics for a beginner or a security expert- an insight into actual solution achieved through Forensics. The problem states a PGP message intercepted by an RAT and needs to be decrypted without the actual key? The process is br

(Read more:  APT Secrets that Vendors Don't Tell)

The Heartbleed bug was a catastrophic vulnerability in widely used OpenSSL TLS implementation. This talk at CISO Platform Annual Summit, will give background how the Heartbleed bug was found by Cod

Cyber Safety in Cars and Medical Devices by Beau Woods, creator of IOT Security Framework. We are adopting connecting, computerized technology faster than we are able to secure it. When this technology is integrated into life and safety systems, bits

Bitcoin Transaction Malleability, an Insight by Daniel Chechik.The bitcoin network vulnerability had disturbed the huge bitcoin network. Plenty trading websites like Silk Road,MTGox and more have been victim to "Bitcoin Transaction Malleability." Thi

CISO Platform Annual Summit @ Mumbai, last week saw over 250+ attendees for over 2 days making the the spirit of knowledge sharing and learning a huge success in the Information Security Executives of India. Here are the highlights of the awesome key

This article will be about different guidelines, which can help to secure your SAP system. But nothing to worry about - this post will nevertheless remain useful and interesting, even if it does not contain information about 0-days or have no words l

Myth: - DLP is for IT and it is an IT Project |Truth: - DLP is for Business and it is a Business Project

DLP Solution is implemented by IT for the business with the close association of various business departments; DLP implementation requires strong

Static Code Analysis: Binary vs. Source

Static Code Analysis is the technique of automatically analyzing the application’s source and binary code to find security vulnerabilities. According to Gartner’s 2011 Magic Quadrant for Static Application Secu

Organization scramble to achieve high business growth often overlooked the underlying processes which are the core of any business operation. A manual process to handle employee separation process lead devastating circumstances. Most organization tak

This project mainly aims to have an enterprise wide ITAM (IT Asset Management) Systems and endpoint protection and also to maintain the hardware and software inventory. It also brought in centralized IT management and control mechanisms for polices e

Kotak Mahindra Bank has initiated the DLP implementation across all business units in a phased manner and the implementation was started 6 months ago with critical business units. The solution monitors all channels, viz. Internet, Email and End point

What is Shellshock Bug?

Shellshock is a security vulnerability(CVE-2014-6271) in the widely used Unix Bash Shell which was discovered by Stéphane Chazelas on 12 September 2014 and disclosed on 24 September 2014. Subsequently, various researchers have

Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so on

Recently, we were pentesting a Data mining and Analytics company. The amount of data that they talked about is phenomenal and they are planning to move to Big Data. They invited me to write a blog on state of the art, Big Data security concerns and c

Current Project Synopsis:

• Responsible for Information Security of next generation mobile and fixed broadband networks (LTE/WiFi/FTTx) with All-IP networks over a cloud based framework for B2C/B2B markets connecting 200 Million 4G LTE, 50 Million W