Watch Talk:
(Read more: 5 Best Practices to secure your Big Data Implementation)
BadUSB — On accessories that turn evil by Karsten Nohl
Karsten Nohl is a cryptographer and security researcher
This talk introduces a new form of malware that oper
Security (153)
Second critical category. Default passwords for access to the application
For the two previous weeks we’ve been discussing the top-9 critical areas and the 33 steps to be taken for security assessment. Ultimately, we’ve covered patch management flaw
We are thrilled to have received so many wonderful ideas and suggestions during the breakfast series specifically focusing on CPI findings. Here are the quick highlights!
What was the objective of the Community Breakfast?
- Preview of CPI Findings: T
Intro
On 11th of May, a security headline broke out in the news, it was about an attack on USIS (U.S. Investigations Services) conducted potentially by Chinese state-sponsored hackers via a vulnerability in SAP Software. Hackers broke into third-party
We continue our series of posts giving a review of one of the most frequent vulnerability which affects a lot of SAP modules: cross-site scripting, or XSS. Today's post describes how to protect SAP NetWeaver ABAP from XSS.
From the developer’s perspec
Please cascade to your teams please Tata Consultancy Services (BSE: 532540, NSE: TCS), the leading IT services, consulting and business solutions organization, is a partner with the Foreign & Commonwealth Office (FCO) of the UK Governmen
Now that we have covered PeopleSoft Architecture, it is time to continue with PeopleSoft security and describe some attack vectors against PeopleSoft system discovered by ERPScan researchers. The first one is an attack on back-end systems.
First, we s
In the third part of the PeopleSoft Security series,we will describe on how to log-in any account and gain full access to the PeopleSoft system.
What is PeopleSoft SSO and how does it work?
Like many other enterprise business applications, PeopleSoft s
It is very important to properly define the right Information Security Metrics for an organization to estimate the security structure and to communicate it efficiently to the Board level executives.There is a growing interest from the Board and the C
Demystifying Security Analytics: Data, Methods, Use Cases
Many vendors sell “security analytics” tools. Also, some organizations built their own security analytics toolsets and capabilities using Big Data technologies and approaches. How do you find
Building a World-Class Proactive Integrated Security and Network Ops Center
The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hi
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
This session will present a real case study of methodology and advanced cybersecurity tools used along with important tips and lessons learned on implementing an ISOC projec
The Cyber Defense Matrix enables organizations to define clear categories for the range of products and services that are available in the marketplace to solve our various infosec problems. This model removes confusion around the security technologie
Ransomware is a type of malicious software (malware) when infected with encrypts all the important files such as documents, pictures, movie file etc with a virtually unbreakable encryption key. Here we have compiled some of the Good-reads blogs, ar
Are you planning to Implement the Advanced Persistent Threats (APT) Security?. It's important to know what all questions you need to ask to APT security Vendor and get their views on APTs. Also, be sure whether the solution you are going to buy is ca
To understand the differences between terms like cyber security and information security is important because many banking regulatory bodies like Reserve bank of India, Hong Kong Monetary Authority, Monetary Authority of Singapore, etc. have asked ba
In its June 2, 2016 notification, RBI has issued new cybersecurity guidelines, which says that scheduled commercial banks (private, foreign and nationalized banks listed in the schedule of RBI Act, 1934) must proactively create or modify their polici
RansomWare is a type of malicious software (malware) when infected with encrypts all the important files such as documents, pictures, movie file etc with a virtually unbreakable encryption key. [RM1] The RansomWare arrives via email attachments, inse
Emerging Vendors are the vendors who have been innovative and has given the fresh perspective to the conventional security methods. In very less time, these start-ups have been able to make their name in the APT space. Here is the list of the Top Eme
Today, I am going to talk about the game which has become more than a game for people around the world. You guessed it right, I am talking about Pokemon Go, developed by Niantic. The important mechanic in the game is to be able to use GPS which can t
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
Atlanta Chapter Meet: Build the Pen Test Maturity Model (Virtual Session)
- Description:
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
- Created by: Biswajit Banerjee
- Tags: ciso, pen testing, red team, security leadership
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
