Bug bounty programs are quite common these days, with several of the biggest names in the industry having launched various avatars of the program. I have been asked by a few security managers and managements whether they should launch a bug bounty program
All Posts (2645)
From our experience of helping organizations in building their ‘Vulnerability Management’ program, we feel that one of the major challenges the security manager/management faces is not always knowing the reality on the ground. Obviously the management
There is a plethora of web application scanners, every one of which claims to be better than the other. It is indeed a challenge to differentiate between them. We need to benchmark the application scanner against hard facts and not marketing claims.
We have heard a lot about secure SDLC (Software Development Life Cycle). So, what next? Everything transforms with time and now is the time for Secure SDLC to be transformed. Secure SDLC is probably going to get metamorphosed into Secure Dev-Ops.
What
Choosing the right Application Security Testing Service Provider is not always an easy task. By asking the right questions and knowing what answers to look for, you can conduct a thorough evaluation of the various vendors available in the market an
Ethical Hacking or Penetration Testing has always been a career sought after by many. It is glamorous. It pays well. It also tickles the small little devil inside all of us. However, like everything else, Ethical Hacking as a career is also undergoing
Application Security has emerged over the years both as a market as well as a technology. Some of the key drivers have been the explosion in the number of applications (web and mobile), attacks moving to the application layer and the compliance needs. Fol
I have seen several organizations trying to adopt secure SDLC and failing badly towards the beginning. One of the biggest reasons is that they try to use a “Big Bang Approach”. Yeah, there are several consultants who will push you to go for a big project use
This time we will speak about SAP in particular. So, what is SAP? First of all, SAP is a German company that develops and sells business software. SAP is famous for its ERP system - the most widespread business application. However, SAP provides much
In the previous blog entry, we described how to exploit an XSS vulnerability in SAP Afaria. Today’s post is dedicated to another security issue affecting Afaria.
Control vi
Technology comes with a cost, a cost one could never have imagined if it is not properly implemented. An Enterprise Mobility Management (EMM) solution in place boosts productivity, enhances mobile security, and provides easy access to corporate content
A firewall, in simple terms, acts as a barrier to prevent unauthorized access or malicious traffic within a system or in a network. With the rapid growth of new innovative technology alongside the massive growth of new security threats, the tradition
Identity Access Management (IAM) is a set of business policies, frameworks and processes which ensure the right person has access to the right asset/resources. Identity Access Management solutions can deliver intangible benefits that are revenue incr
- Tanium
- Headquarters: Emeryville, CA
- Founded: 2007
- Founder: Orion Hindawi, David Hindawi
- Funding: $302.31M
- Website: http://www.tanium.com/
- Description: Tanium Inc. provides security and management system solutions that allow enterprises and governmen
Below are the Top 6 Reasons Why Data Loss Prevention/Data Leakage Prevention (DLP) Fails:
- Lack of business/key-stakeholders involvement: Failure to include key stakeholders (Including Business and C-level executives) while defining requirements and fo
Cloud services, being cost-effective, scalable and agile, are growing at a slow but steady pace in India. For years enterprises and the security community have debated over its maturity and the readiness for its adoption. Major concerns such as secu
SAP has released the monthly critical patch update for February 2016. This patch update closes 23 vulnerabilities in SAP products including 15 SAP Security Patch Day Notes, 1 update to a previous Security Note, 2 Support Package Notes released on thi
For years, enterprises and the security community have debated whether the cloud is more secure or less secure than the datacenter. Always a strawman argument, now that debate becomes moot. The cloud is here to stay. And the job now is to operationa
Session on Practical Demo of Collecting Threat Intel Using OSINT Tools Video by Sachin Deodhar.
CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (Monthly)
- Description:
Join us for the CISOPlatform Fireside Chat, a power-packed 30-minute virtual conversation where we bring together some of the brightest minds in cybersecurity to share strategic insights, real-world experiences, and emerging trends. This exclusive monthly session is designed for senior cybersecurity leaders looking to stay ahead in an ever-evolving landscape.
We’ve had the privilege of…
- Created by: Biswajit Banerjee
- Tags: ciso, fireside chat
6 City Round Table On "New Guidelines & CISO Priorities for 2025" (Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata)
- Description:
We are pleased to invite you to an exclusive roundtable series hosted by CISO Platform in partnership with FireCompass. The roundtable will focus on "New Guidelines & CISO Priorities for 2025"
Date: December 1st - December 31st 2025
Venue: Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata
- Created by: Biswajit Banerjee
Fireside Chat With Sandro Bucchianeri (Group Chief Security Officer at National Australia Bank Ltd.)
- Description:
We’re excited to bring you an insightful fireside chat with Sandro Bucchianeri (Group Chief Security Officer at National Australia Bank Ltd.) and Erik Laird (Vice President - North America, FireCompass).
About Sandro:
Sandro Bucchianeri is an award-winning global cybersecurity leader with over 25…
- Created by: Biswajit Banerjee
- Tags: ciso, sandro bucchianeri, nab

