All Articles

Vulnerabilities (6)

Top 5 Big Data Vulnerability Classes

Posted by Jitendra Chauhan on September 15, 2014 at 4:00am

Recently, we were pentesting a Data mining and Analytics company. The amount of data that they talked about is phenomenal and they are planning to move to Big Data. They invited me to write a blog on state of the art, Big Data security concerns and c

Chinese attack on USIS using SAP vulnerability - Detailed review and comments

Posted by Alexander Polyakov on June 25, 2015 at 2:00am

Intro

On 11th of May, a security headline broke out in the news, it was about an attack on USIS (U.S. Investigations Services) conducted potentially by Chinese state-sponsored hackers via a vulnerability in SAP Software. Hackers broke into third-party

Securing SAP Systems from XSS vulnerabilities Part 2: Defense for SAP NetWeaver ABAP

Posted by Alexander Polyakov on August 25, 2015 at 1:16am

We continue our series of posts giving a review of one of the most frequent vulnerability which affects a lot of SAP modules: cross-site scripting, or XSS. Today's post describes how to protect SAP NetWeaver ABAP from XSS.

From the developer’s perspec

Advertising Vulnerabilities in Bluetooth Low Energy (BLE) IoT Networks

Posted by Amit Chahar on March 1, 1999 at 11:30pm

Overview

With the increasing need of Bluetooth Low Energy (BLE) IoT security, comes the part of vulnerability management in these networks. Unlike the IP security, BLE security framework is not yet mature. The newer version of BLE have enhanced the s

Legal Liability for IOT Cybersecurity Vulnerabilities (Black Hat Conference 2018)

Posted by Shubham Gupta on September 30, 2018 at 9:30pm

There has been much discussion of "software liability," and whether new laws are needed to encourage or require safer software. My presentation will discuss how -- regardless of whether new laws are passed -- a tidal wave of litigation over defective

How to Manage Security & Third Party/Open Source Code in the SDLC

Posted by Drew Brown on August 15, 2019 at 3:00am

Background:
It has been suggested that any new development will include less than 1% original code. If this isn’t presently true, it will likely be as time progresses.

With any security program, the goal is to identify the vulnerabilities, the relate

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)

Webinar On Understanding Cloud Attack Vectors

Jun 27, 2023 from 8:00pm to 9:00pm UTC+5.5

Online Platform

Description:
Register Here : https://info.cisoplatform.com/understanding-cloud-attack-vectors

Key Pointers:
- Understanding current cloud threats landscape
- Reviewing cloud attack vectors
- Recent examples of cloud security incidents
- Prioritize cloud security efforts
Register Here : …
Created by: pritha

Webinar - Incident Response Exercise Lifecycle Program For Cyber Resilience

Jul 25, 2023 from 3:00pm to 4:00pm UTC+5.5

Online Platform

Description:
Register Here : https://info.cisoplatform.com/incident-response-exercise-lifecycle-program-for-cyber-resilience

Key Discussion Pointers:
- New concept called Developing Cyber Resilience through the Cyber Incident Response Lifecycle
- Active testing through cyber ranges, purple, red and gold teaming
- How to ascertain competency at each activity and…
Created by: pritha

#xg { position:relative;top:120px; } #xn_bar { top:120px; }

Hello, you need to enable JavaScript to use CISO Platform.

Please check your browser settings or contact your system administrator.

From the developer’s perspec

Note: this page contains paid content.

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.