SAP has released the monthly critical patch update for September 2015. This patch update closes 20 vulnerabilities and 5 updates in SAP products, 16 of which are high priority, some of them belong to the SAP HANA security area. The most common vulner
All Posts (2717)
Sort by
Webinar on "Defusing Cyber Threats Using Malware Intelligence" Video by Arun Lakhotia.
- How a Malware can be source of intelligence about the attacker
- How Large scale, automated malware analysis to extract intelligence is feasible
- How Malware intelligenc
CASB Workshop Part 1 by Bikash Barai:
- Technology Taxonomy For Cloud Security
- Key Components of Cloud Security Architecture
- Blue Print To Build Your Cloud Security Program
- Basics of Cloud Security Access Brokers
CASB Workshop Part 1 Video by Bikash Barai:
Webinar on "Front Door Access to Pwning Millions of Android Devices" Video by Avi Bashan.
- Learn about Android certificate & permission framework including the roles of Google, OEMs, & mobile carriers.
- Overview of the Mobile Remote Support Tools Archi
Last month, ISACA released the 4th edition of their book Security, Audit and Control Features SAP ERP. The previous version was published in 2009. Some updates include detailed security guides for assessing different SAP business processes. We had be
With overwhelming response for Defcon 22 Top Talks, we decided to present Defcon 23 again. Let us know which were your favorite talks?
Important Note:
All presentations are courtesy Defcon and is presented as-is without any modification
Some of the d
With overwhelming response for Defcon 22 Top Talks, we decided to present Defcon 23 again. Let us know which were your favorite talks?
Important Note:
All presentations are courtesy Defcon and is presented as-is without any modification
Some of the
Wargame : Dashboard & Metrics For The Management Video by Renu Rajani,Sridhar Govardhan,Raghu Kumar Paruchuri,Tamaghna Basu.
Application Security Workshop Part 2 by Nilanjan De:
- Web Attack Chaining
- Understanding IAST/RASP
- Realtime Polymorphism
Application Security Workshop Part 2 Video by Nilanjan De:
Application Security Workshop Part 1 by Jitendra Chauhan:
- Web Attack Chaining
- Understanding IAST/RASP
- Realtime Polymorphism
Application Security Workshop Part 1 Video by Jitendra Chauhan:
Network Forensic Tools & Techniques Workshop by Tamaghna Basu:
- Introduction,Basic Protocol Analysis,
- Forensic Analysis Network/Web/Malware,
- Basic Packet Analysis Challenges
Network Forensic Tools & Techniques Workshop video by Tamaghna Basu:
IBM Managed Security Services continuously monitors billions of events per year, as reported by more than 8,000 client devices in over 100 countries. This report is based on data IBM collected between 1 January 2014 and 31 December 2014 in the course
I have wanted to put together some of my thoughts on the trends in application security for quite some time. Finally as I have some time today since it was a day off, I made a deal with my wife that we won’t speak for the next 2 hours.
What I am writi
Today’s post is the last in the series of articles about XSS vulnerabilities in SAP systems. The previous parts describe how to prevent XSS in SAP NetWeaver ABAP and SAP NetWeaver J2EE.
XSS is one of the most popular vulnerabilities and its effect can
From the developer’s perspective
For AS Java, the encoding is available as tc_sec_csi.jar. There is a static class and an interface which provides the encodings for HTML/XML, JavaScript, CSS and URL. Also it is available to use methods of public class
We continue our series of posts giving a review of one of the most frequent vulnerability which affects a lot of SAP modules: cross-site scripting, or XSS. Today's post describes how to protect SAP NetWeaver ABAP from XSS.
From the developer’s perspec
Oracle PeopleSoft applications are quite complex and consist of many components, so does their security. While there is almost no research on PS security, successful attacks against such systems happen from time to time. That’s why we decided to star
Hello, dear readers! Today I would like to talk about Oracle Security.
On August 11, Mary Ann – Oracle's CSO - published an incredibly shocking post about security researchers which was promptly deleted (either by herself or somebody else). The post w
The CISO(Chief Information Security Officer) is a C-Level position, responsible to align security to business goals and to secure information assets of the company. The C-Level position has changed and evolved so much, we see the ‘CISO’ as a union of
Please cascade to your teams please Tata Consultancy Services (BSE: 532540, NSE: TCS), the leading IT services, consulting and business solutions organization, is a partner with the Foreign & Commonwealth Office (FCO) of the UK Governmen
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
