All Articles

 1.    Run Time Application Security Protection (RASP)

Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc and there is a great scope for a lot of these security features bei

Writing not only functional but secure applications is not a new concept or idea that has taken the Industry by storm. However, many Government and Commercial Organizations are still not adhering to or requiring their Organizations to adopt, implemen

Top steps during the implementation of a project related to Database Security

1.As most of the times, application developers or persons implementing the applications also work as database administrators, it is important that database administration i

Requirement for solutions related to Database security

A CISO should define the requirement for solutions related to Database security by first understanding the business and threat environment and decide on the most applicable threats and security p

"The good guys need to be right all the time. The bad guys just need to be right once."

From recent Target shops in US being compromised with 40 million shopper's card details, last minute shoppers are well discouraged. So is action after being com

We are happy to announce the results of the annual survey of Security Implementation Status and Industry Benchmarking (CPSMM), in which 331 companies have participated. The data has been collected through the survey conducted online as well as during

Top Steps During Implementation Of A Firewall Project

• Clearly defined requirements such as type of firewall, architecture, performance requirements, compliance requirement, sizing, reporting, and minimum specifications are important for identifying

PCI DSS – Stringent but Exhilarating to Implement (Project PCI DSS Implementation & Certification)

PCI DSS stand for Payment Card Industry Data Security Standard is a robust, comprehensive, technology driven, transparent, explicit standard to enhance

These days’ web applications are under siege. Commercially motivated Hackers, bots, and fraudsters are attacking around the clock, attempting to steal data, disrupt access, and commit fraud which today’s next generation firewall, IPS and other networ

(Source: Defcon 22-Las Vegas)

(Source: Defcon 22-Las Vegas)

(Source: Defcon 22-Las Vegas)

(Source: Defcon 22-Las Vegas)

Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so on

Recently, we were pentesting a Data mining and Analytics company. The amount of data that they talked about is phenomenal and they are planning to move to Big Data. They invited me to write a blog on state of the art, Big Data security concerns and c

Over the past decade, E-Commerce applications have grown both in terms of numbers and complexity. Currently, E-Commerce application are going forward becoming more personalized, more mobile friendly and rich in functionality. Complicated recommendati

From a recent webinar, I gathered the very notably important parts into organized sub-parts. This is the first part wherein the major hardware threats and my insights on them are described. Below is the exact portion of the webinar discussing the ha

Technical Skills:

Major Areas Of Focus:

• Incident Response
• Computer Forensics
• Network Security
• Secure Architecture

( Read More: CISO Platform Top IT Security Influencers (Part 1) )

Conceptual (Understand How-It-Works):

• Fundamental security conce