All Articles

to (10)

Information Lock-in vs Sharing

Posted by Sharat AIRANI on July 5, 2013 at 12:30am

On 2nd July 2013, National Cyber Security Poilicy has been released. First point in the preamble is an eye opener. It says " Cyberspace is a complex environment consisting of interactions between people, software and services supported by worldwide d

Common Mistakes To Avoid While Configuring Your Firewall

Posted by pritha on March 2, 2014 at 11:00pm

Top Steps During Implementation Of A Firewall Project

Clearly defined requirements such as type of firewall, architecture, performance requirements, compliance requirement, sizing, reporting, and minimum specifications are important for identifying

SAP NetWeaver ABAP security configuration part 2: Default passwords for access to the application

Posted by Alexander Polyakov on February 2, 2015 at 5:00am

Second critical category. Default passwords for access to the application

For the two previous weeks we’ve been discussing the top-9 critical areas and the 33 steps to be taken for security assessment. Ultimately, we’ve covered patch management flaw

SAP NetWeaver ABAP Security Configuration Part 5: Insecure Settings

Posted by Alexander Polyakov on April 2, 2015 at 3:30am

Each application has several security settings that do not fit into any of the critical issues groups mentioned in our series of articles.Among such settings there are both standard settings (such as password length or the number of attempts given to

Planning to be a CISO

Posted by Syed Azher on September 14, 2016 at 5:30pm

Everyone wants to know this today. One of the key attributes I have found in all the security people in last 14 years of my career is you need to be naturally skeptical when you look at stuff. This is one key aspect and if you don’t have this you wou

1000 ways to die in mobile oauth (Black Hat Conference 2016)

Posted by Gireesh Kumar on November 24, 2016 at 7:00pm

OAuth has become a highly influential protocol due to its swift and wide adoption in the industry. The initial objective of the protocol was specific: it serves the authorization needs for websites. However, the protocol has been significantly repurp

10 Things You Should Ask of Your Cyber Incident Response Tool

Posted by pritha on February 20, 2017 at 5:30pm

In the fast moving world of cyber security incident response, the challenge is to rapidly identify and stay ahead of the threat. Incident responders must move faster, be more agile, have longer stamina than the attacker. Additionally they must also b

End-to-End Encryption in Bluetooth Low Energy (BLE) IoT Networks

Posted by Amit Chahar on February 17, 2017 at 11:00pm

Overview

With millions of Bluetooth Low Energy (BLE) IoT devices deployed per year, comes the responsibility to secure them. BLE was designed for low power personal area networks. Security was not a focus while designing it. But nowadays, BLE devices

Top 3 Things CISOs Should Avoid In A Board Presentation - CISO Platform

Posted by CISO Platform on August 30, 2018 at 7:00pm

There is a steep rise in interest from the Board & CEO of an organization to understand the security posture of their company. Partly because of the increasing pressure from the government regulators, stakeholders & discussions on the potential risk

[Panel Discussion] Presenting Security to Your Board and Managing Your Stakeholders

Posted by CISO Platform on April 5, 2020 at 8:30pm

At CISO Platform Annual Summit 2020, we had a panel discussion on the topic of Presenting Security to Your Board and Managing Your Stakeholders, including industry stalwart like Vishwas Pitre [Zensar Technologies Ltd] (Moderator), Yogesh Kumar [Tata