All Articles

You must have heard about recent breach at LinkedIn, which led to exposure of 6.5 million hashed passwords available for download at hacker site. Many of such passwords were decoded and published on an un-authorized website. Feds are involved in inve

There is a common misconception that cyber criminals and hacktivists only target large enterprises to reap a bumper. The reality is actually very different, recently published surveys reveal that

• 84% of Small and Medium Businesses had a security breac

Our dependence on E-services has increased tremendously. All such services have the usernames and Passwords. This is main gateway for entry in to systems. Apart from that, transactional passwords. Even the password with secured and digital certified

 1.    Run Time Application Security Protection (RASP)

Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc and there is a great scope for a lot of these security features bei

A common question is why should we get a third party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits like traditional financial audits are better done

What is SAST?

SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.

What is DAST?

DAST or Dynamic Application Security Testing is the proc

Safe Penetration Testing – 3 Myths and the Facts behind them

Penetration testing vendors will often make promises and assurances that they can test your Web Applications safely and comprehensively in your production environment. So when performing P

The legal terms have specific meanings and connotations. Leave aside the specific jargon; there is ambiguity about the very basic terms, like law, rules and regulations. In this post I have made an attempt to unravel some of these basic terms.

Statut

Our special webinar by CISO Platform and WebSense, was a great success with over 120 CISO's registering for the webinar.

Key Areas Covered

1. Which are the most commonly used data security controls?
2. What are the best practices for an effective Data S

APT (Advanced Persistent Threats) is the talk of the town. There is too much of noise and confusion. Everybody wants to make money. Quite a few uses FUD (Fear Uncertainty and Doubt) to sell their products. I wanted to highlight the APT secrets which

Static Application Security Testing (SAST)

SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.

Pros

• SAST can pin point the code where

IT arena is like a security battle ground, where internet is fundamentally open considering the major far-ends like social media, mobility, cloud, virtualisation etc which leads to targeted attacks.

On any given day; any organisation can suffer irrepa

Jayantha Prabhu,CTO , Essar Group, talks to CISO Platform on the Top Security Trends that he feels, will define the future.

As I see it, broadly the following technologies will

Is there anything common to Magic and Hacking? Is there a hacker in a magician? Is there a magician in a hacker?

In my personal journey, I adopted Magic first and later got acquainted with Hacking when I met my co-founder and started working on a prod

The Internet has plenty of crackers, known as  "black hats", who work to exploit computer systems.You also have white hats. When hackers are hired by companies to do penetration testing, it's legal and known as white hats. In this section we profile

Due to financial implications caused by several recent high-profile data leakage incidents,enterprises are facing increasing pressure for implementation of stringent norms pertaining to governance and compliance reporting. Today, adhering to governme

Data explosion and advent of big data are phenomena, which are a result of economic development of
nations and increase in digital footprint of organizations.With more and more devices getting connected to the core business enterprise network, in ord

One of the most important functionality which we do in our day to day work is Vendor Management,or should I say how to do it effectively. Here are a few tips which I would recommend and if needed you can add as well:

1.Always do a thorough check of th

Does anybody succesfully implemented any BYOD Security Policy in his/her organization? Can he / she share the implemented policy and methodology / techniques / technology and challenges he / she faced ?

Keeping current with the latest threat trends can improve the effectiveness of existing security solutions as it helps to identify and prioritize security gaps that may require new approaches and more innovative strategies.

Key Findings:

• Web Secur