All Posts (2678)
We heavily rely on references while taking a decision on adoption of a new technology or a product. However, there is no dedicated analysis of product leadership purely based on customer recommendation. From CISO Platform technology Analyst team, we
Based on OS
Windows tools:
Specific Tools:
- Log Parser
- EnCase
- ILook (LEO Only)
- Paraben
- ProDiscover
- TCPView
- AccessData
- COFEE (LEO Only)
- WinHex
- X-Ways Forensics/WinHex Pro
- FileControl-DD etc.
- Wireshark-Ethereal (packet sniffer)
- Dsniff-Dug
Stages of Incident Response:
1. Method 1
2. Method 2
Method 1 (7 steps)
- Preparation
- Identification
  - categories based on incident type
- Containment
- Investigation
- Eradication
- Recovery
- Follow up
Method 2 (4 steps)
- Preparation
- Detection and Analysis
- Conta
Technical Skills:
Fundamental Concepts and Internet
- Knowledge of Fundamental Security Concepts (e.g. authentication, integrity, access control, privacy)
- Identifying Risks, Threats (data, information, computers and networks)
- Knows how the Internet Works(histo
Current Project Synopsis:
- Responsible for Information Security of next generation mobile and fixed broadband networks (LTE/WiFi/FTTx) with All-IP networks over a cloud based framework for B2C/B2B markets connecting 200 Million 4G LTE, 50 Million W
About Project
The scope of the project encompasses Business Units, Support Functions, 200+ Processes and 8500+ employees. The project was an outcome of the data pilferage risk envisaged in terms of sensitive customer information and financial data.
Recently, we were pentesting a Data mining and Analytics company. The amount of data that they talked about is phenomenal and they are planning to move to Big Data. They invited me to write a blog on state of the art, Big Data security concerns and c
Over the past decade, E-Commerce applications have grown both in terms of numbers and complexity. Currently, E-Commerce applications are becoming more personalized, more mobile friendly and rich in functionality. Complicated recommendati
Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so on
The project scope is to perform a security assessment of the current environment of MBE including the major business processes, operating functions, organizational units and information systems and a thorough evaluation of the configuration and desig
To mitigate risk
- Prevent access breaches through privileged accounts
- Monitor activities carried out by privileged users
- Enforce accountability for use of generic privileged accounts
- Enforce granular access restrictions as
Turbo Talks
How the Heartbleed bug was found?
Antti Karjalainen, discoverer of Heartbleed
The Heartbleed bug was a catastrophic vulnerability in the widely used OpenSSL TLS implementation. This talk will give background on how the Heartbleed bug was found
Meet, meet and meet, the last few weeks all we've done is meet you and try to help you better. Your views shape us and those plenty views needed a To-Do List, which is right here. We are grateful for each of your contributions and hope to have more o
- Know both Success and failure stories.
- A strong network among CISOs for sharing failure stories
- A common checklist for vendor evaluation should be made once we are aware of the success and failure sto
Why do we need a common security technology evaluation framework?
Floating an RFP (Request for Proposal) or evaluating a new technology for a CISO is a substantial effort. Going through the sea of data and marketing buzz to judge a vendor and its
Information Security function had to be aligned to Risk Management function to provide independence by separating Infosec Governance and Infosec operations responsibilities. Enhancement in the policy was focused on the wider and strategic modificatio
This is the second compilation of Best Of Defcon 22 at a glance. The following Links will link you to the respective complete PPT.
Important Note:
- All presentations are courtesy of Defcon and are presented as-is without any modification
- Some of the des
Happy festive season to all our readers.
“BYOD adoption is much easier now, If "CISO / IT" Gets Its Way. It helps IT decision makers supporting BYOD to anticipate the day to minimise the device expenses of any organisation for its employees and secu
Defcon 22, the largest conference for hackers with 15,000 attendees, saw some of the most interesting research in the field of security and hacking. From hundreds of talks, we have handpicked the top presentations which are relevant for security man
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.