I have seen several organizations trying to adopt secure SDLC and failing badly towards the beginning. One of the biggest reasons is they try to use the “Big Bang Approach”. Yeah, there are several consultants who will push you to go for a big project use
This time we will speak about SAP in particular. So, what is SAP? First of all, SAP is a German company that develops and sells business software. SAP is famous for its ERP system - the most widespread business application. However, SAP provides much
In the previous blog entry, we described how to exploit an XSS vulnerability in SAP Afaria. Today’s post is dedicated to another security issue affecting Afaria.
Control vi
Technology comes with a cost. It is a cost one could never have imagined if the technology is not properly implemented. An Enterprise Mobility Management (EMM) solution in place boosts productivity, enhances mobile security, and provides easy access to corporate content
A firewall, in simple terms, acts as a barrier to prevent unauthorized access or malicious traffic within a system or in a network. The rapid growth of new innovative technology and alongside the massive growth of new security threats, the tradition
Identity Access Management (IAM) is a set of business policies, frameworks and processes that ensure the right person has access to the right assets/resources. Identity Access Management solutions can deliver intangible benefits that are revenue incr
- Tanium
- Headquarters: Emeryville, CA
- Founded: 2007
- Founder: Orion Hindawi, David Hindawi
- Funding: $302.31M
- Website: http://www.tanium.com/
- Description: Tanium Inc. provides security and management system solutions that allow enterprises and governmen
Below are the Top 6 Reasons Why Data Loss Prevention/Data Leakage Prevention (DLP) Fails:
- Lack of business/key-stakeholders involvement: Failure to include key stakeholders (Including Business and C-level executives) while defining requirements and fo
Cloud services, being cost effective, scalable and agile, are growing at a slow but steady pace in India. For years enterprises and the security community have debated over its maturity and the readiness for its adoption. Major concerns such as secu
SAP has released the monthly critical patch update for February 2016. This patch update closes 23 vulnerabilities in SAP products including 15 SAP Security Patch Day Notes, 1 update to a previous Security Note, 2 Support Package Notes released on thi
For years, enterprises and the security community have debated whether the cloud is more secure or less secure than the datacenter. Always a strawman argument, now that debate becomes moot. The cloud is here to stay. And the job now is to operationa
Session on Practical Demo of Collecting Threat Intel Using OSINT Tools Video by Sachin Deodhar.
Identity and Access Management Workshop by Manjula Sridhar:
- Introduction & Scope
- Taxonomy
- Global Trends for Roadmap
- Capability Maturity Models
- Vendor Selection Criteria
- Guide to Vendors in the Landscape
- CPI Findings
SAP has released the monthly critical patch update for January 2016. This patch update closes 23 vulnerabilities in SAP products (including ones closed after the second Tuesday of the previous month and before the second Tuesday of this month). Among
Wargame Strategy Simulation: Creating A Successful Evaluation & Implementation Checklist For IT GRC Solution Video by Ajay Agarwal, Nadir Bhalwani, Aditya Sarangapani, Sudarshan Singh.
Do you need a DLP? Here's a small list to check if your organization actually needs a DLP Solution:
- If your organization wants to protect itself against negative exposures and fines associated with data breaches?
- If your organization wants to comply
Is Your Organization Thinking Of Adopting DLP? Here is a small checklist to tick off before you start the adoption:
- Has your organization developed an appropriate policy to govern the use of the DLP solution?
To draw true value from
• Ability to discover sensitive data across all platforms:
A DLP solution should be able to discover sensitive data across applications, storage towers, systems and devices. It should have inbuilt rules to identify sensitive data as required by vario
Implementing DLP? Here's a quick overview of the Top 5 Reasons for DLP Implementation Failures:
- Ineffective data classification methods:
Failure to identify the right data to be protected. Undermining certain data can lead to the exposure of sensitive
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (Monthly)
- Description:
CISO Platform Talks: Security Fireside Chat With a Top CISO
Join us for the CISOPlatform Fireside Chat, a power-packed 30-minute virtual conversation where we bring together some of the brightest minds in cybersecurity to share strategic insights, real-world experiences, and emerging trends. This exclusive monthly session is designed for senior cybersecurity leaders looking to stay ahead in an ever-evolving landscape.
We’ve had the privilege of…
- Created by: Biswajit Banerjee
- Tags: ciso, fireside chat
6 City Round Table On "New Guidelines & CISO Priorities for 2025" (Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata)
- Description:
We are pleased to invite you to an exclusive roundtable series hosted by CISO Platform in partnership with FireCompass. The roundtable will focus on "New Guidelines & CISO Priorities for 2025"
Date: December 1st - December 31st 2025
Venue: Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata
- Created by: Biswajit Banerjee
Fireside Chat With Sandro Bucchianeri (Group Chief Security Officer at National Australia Bank Ltd.)
- Description:
We’re excited to bring you an insightful fireside chat with Sandro Bucchianeri (Group Chief Security Officer at National Australia Bank Ltd.) and Erik Laird (Vice President - North America, FireCompass).
About Sandro:
Sandro Bucchianeri is an award-winning global cybersecurity leader with over 25…
- Created by: Biswajit Banerjee
- Tags: ciso, sandro bucchianeri, nab

