All Articles

The quickly evolving Internet of Things or call it Internet of Everything will leave us more vulnerable to the cyber criminals. Government agencies are not prepared to combat the upcoming threat of “Online Murder”. Sounds Strange!!.. but we are headi

SAP has released the monthly critical patch update for September 2015. This patch update closes 20 vulnerabilities and 5 updates in SAP products, 16 of which are high priority, some of them belong to the SAP HANA security area. The most common vulner

Webinar on "Defusing Cyber Threats Using Malware Intelligence" Video by Arun Lakhotia.

• How a Malware can be source of intelligence about the attacker
• How Large scale, automated malware analysis to extract intelligence is feasible
• How Malware intelligenc

CASB Workshop Part 1 by Bikash Barai:

• Technology Taxonomy For Cloud Security
• Key Components of Cloud Security Architecture
• Blue Print To Build Your Cloud Security Program
• Basics of Cloud Security Access Brokers

Webinar on  "Front Door Access to Pwning Millions of Android Devices" Video by Avi Bashan.

• Learn about Android certificate & permission framework including the roles of Google, OEMs, & mobile carriers. 
• Overview of the Mobile Remote Support Tools Archi

Last month, ISACA released the 4th edition of their book Security, Audit and Control Features SAP ERP. The previous version was published in 2009. Some updates include detailed security guides for assessing different SAP business processes. We had be

With overwhelming response for Defcon 22 Top Talks, we decided to present Defcon 23 again. Let us know which were your favorite talks?

Important Note:

All presentations are courtesy Defcon and is presented as-is without any modification
Some of the d

With overwhelming response for Defcon 22 Top Talks, we decided to present Defcon 23 again. Let us know which were your favorite talks?

Important Note:

All presentations are courtesy Defcon and is presented as-is without any modification
Some of the

Wargame : Dashboard & Metrics For The Management Video by Renu Rajani,Sridhar Govardhan,Raghu Kumar Paruchuri,Tamaghna Basu.

Application Security Workshop Part 2 by Nilanjan De:

• Web Attack Chaining
• Understanding IAST/RASP
• Realtime Polymorphism

Application Security Workshop Part 1 by Jitendra Chauhan:

• Web Attack Chaining
• Understanding IAST/RASP
• Realtime Polymorphism

Application Security Workshop Part 1 Video by Jitendra Chauhan:

Network Forensic Tools & Techniques Workshop by Tamaghna Basu:  

• Introduction,Basic Protocol Analysis,
• Forensic Analysis Network/Web/Malware,
• Basic Packet Analysis Challenges

Network Forensic Tools & Techniques Workshop video by Tamaghna Basu:  

IBM Managed Security Services continuously monitors billions of events per year, as reported by more than 8,000 client devices in over 100 countries. This report is based on data IBM collected between 1 January 2014 and 31 December 2014 in the course

I have wanted to put together some of my thoughts on the trends in application security for quite some time. Finally as I have some time today since it was a day off, I made a deal with my wife that we won’t speak for the next 2 hours.

What I am writi

Today’s post is the last in the series of articles about XSS vulnerabilities in SAP systems. The previous parts describe how to prevent XSS in SAP NetWeaver ABAP and SAP NetWeaver J2EE.

XSS is one of the most popular vulnerabilities and its effect can

From the developer’s perspective

For AS Java, the encoding is available as tc_sec_csi.jar. There is a static class and an interface which provides the encodings for HTML/XML, JavaScript, CSS and URL. Also it is available to use methods of public class

We continue our series of posts giving a review of one of the most frequent vulnerability which affects a lot of SAP modules: cross-site scripting, or XSS. Today's post describes how to protect SAP NetWeaver ABAP from XSS.

From the developer’s perspec

Oracle PeopleSoft applications are quite complex and consist of many components, so does their security. While there is almost no research on PS security, successful attacks against such systems happen from time to time. That’s why we decided to star

Hello, dear readers! Today I would like to talk about Oracle Security.

On August 11, Mary Ann – Oracle's CSO - published an incredibly shocking post about security researchers which was promptly deleted (either by herself or somebody else). The post w

The CISO(Chief Information Security Officer) is a C-Level position, responsible to align security to business goals and to secure information assets of the company. The C-Level position has changed and evolved so much, we see the ‘CISO’ as a union of