Recently, HP published their yearly Cyber Risk Report 2015. Having many typical things spotlighted in this report such as growing number of ATM and IOT Security events, we have found some parts that are relevant to business application security, whic

Intro

On 11th of May, a security headline broke out in the news, it was about an attack on USIS (U.S. Investigations Services) conducted potentially by Chinese state-sponsored hackers via a vulnerability in SAP Software. Hackers broke into third-party

The peace, prosperity and economic development of any Nation depends upon its critical infrastructure and how well-protected it is. These critical infrastructures are distributed physically and virtually in space and time. The Supervisory Control and

In our previous article we’ve already covered how SAP ABAP Security Storage works. Today’s post is dedicated to SAP HANA Security Storage.

SAP HANA is a recent key product of SAP. It is a software solution based on the in-memory technology, that reduc

The next Leap(26th leap) Second will be on 30 June,2015. The last one was on 30 June,2012.

What Is It?

Earth's rotation is slowing down around it's own axis, so we need to Leap a few seconds to catch up. Occasionally seconds are added to UTC to comp

With this article we are starting new series of posts giving a review of one of the most frequent vulnerability which affects a lot of SAP modules: cross-site scripting, or XSS. XSS is by far one of the most popular vulnerability indeed in all produc

April 17, 2015 – As a part of monthly updates Microsoft released security update MS15-034 which closes vulnerability in driver HTTP.sys which enables an attacker to execute arbitrary code on OS remotely.

This update has a critical status as almost eve

Mobile devices are actively integrated into business processes. Companies have more and more business applications and mobile devices. Employees increasingly bring their own equipment to the workplace (BYOD policy – Bring Your Own Device) and gain ac

SAP has released the monthly critical patch update for June 2015. This patch update closes a lot of vulnerabilities in SAP products. The most popular vulnerability is Missing Authorization Check. This month, three critical vulnerabilities found by ER

Imagine you are on a shopping website or on a travel booking website and you see a deal which is quite exciting and your try and book, either you login with your account on the website or if you proceed to pay it gives a pop up, “Oops” price just got

End point Protection Solution:

 Managing the End point is one of the key areas where security to be built strongly. As this is the entry point, arresting at this level would help and make our  network stable.  So Data at rest (end storage), data durin

CISO Platform Launches India’s First Ever Study Of The Salary Of Cyber Security Professionals

New Delhi, Bangalore, India, June 4, 2015: CISO Platform, an online community for senior IT Security Professionals announces the official launch of its co

Key Highlights Of the Report 

• Correlate device and account risk factors across online and mobile channels
• Stop account takeover attacks from mobile devices using stolen credentials
• Capture persistent device ID, geo-location and detailed device risk fact

Gaana.com, one of the  popular music streaming service got hacked. It is reported that 10 million username, email addresses, MD5-encrypted password, date of births, and other personal information has been stolen. 

It is reported by their CEO that the

Top Security Worskshops

IT GRC Workshop Session

• Key Components and Architecture for GRC
• How to Jumpstart your GRC program with freely available tools and content
• Overview of Free Tools that you can use today
• Complete Vendor and Technology Taxonom

SAP has released the monthly critical patch update for May 2015. This patch update closes a lot of vulnerabilities in SAP products, some of them belong in the SAP HANA security area. This month, three critical vulnerabilities found by ERPScan researc

The rapid proliferation of mobile devices entering the workplace feels like divine intervention to many IT leaders. It’s as if a voice boomed down from the mountain ordering all of the employees you support to procure as many devices as possible and

Watch Video: (Webinar) "Beyond tools-Exploiting the application Logic"

( Read more:  Checklist to Evaluate a DLP Provider )

What will you Learn ?

• Importance of Threat Modelling and Design Reviews
• Identifying Logical Vulnerabilities
• Case Studies of the log

The malware industry supplies all the components cybercriminals need to easily perpetrate malware-driven financial fraud and data theft. In today’s virtual world, the scope of organizations vulnerable to malware-driven cybercrime is quite broad. In a