All Articles

Here is the list of my top 10 blogs on DLP solution, which you should go through if you are in-charge of creating, implementing and managing DLP program in your organisation.

1. A business case for Data loss prevention:

A good small write up givin

Choosing the right Application Security Testing Service Provider is not always an easy task. By asking the right questions and knowing what answers to look for, you can conduct the thorough evaluation of the various vendors available in the market a

There is a plethora of web application scanner; every one of which claims to be better than the other. It is indeed a challenge to differentiate between them. We need to benchmark the application scanner against hard facts and not marketing claims.

From our experience of helping organisations in building their ‘Vulnerability Management’ program, we feel that one of the major challenge the security manager/management faces does not always know the reality on the grounds. Obviously, the manageme

Bug bounty programs are quite common these days with several of the biggest names in the industry have launched various avatars of the program. I have been asked by a few security managers and managements about should they launch a bug bounty progra

Formal Modeling and Automation is one of the things I love. I try to model everything and sometimes modeling helps and sometime it lands me in trouble. It helped me when I tried to model Penetration Testing and worked with my co-founder to design ou

RSA conference is one of the leading security conference worldwide.  It creates a tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.

Email security gateways prevent mal

RSA conference is one of the leading security conference worldwide.  It creates a tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.

Threat Intelligence Program is a

The AppSec How -To:

Visualizing and Effectively Remediating Your Vulnerabilities: The biggest challenge when working with Source Code Analysis (SCA) tools is how to effectively prioritize and fix the numerous results. Developers are quickly overwhel

Over the past decade, E-Commerce applications have grown both in terms of numbers and complexity. Currently, E-Commerce application are going forward becoming more personalized, more mobile friendly and rich in functionality. Complicated recommendat

Following are the top 5 Application Security Technology Trends:

1.    Run Time Application Security Protection (RASP)

Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc an

Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so

Explore in-depth Use Cases of Next-Gen Security Information and Event Management (SIEM) – Part 1 of 3 series.

What will you learn:

• Tools and techniques – understanding the taxonomy
• Top use cases for the SOC
• Attack surfaces
  • Insider threat
  • Credentia

Static Code Analysis: Binary vs. Source

Static Code Analysis is the technique of automatically analyzing the application’s source and binary code to find security vulnerabilities. According to Gartner’s 2011 Magic Quadrant for Static Application Secu

• Looking for Top Emerging Companies in the Cyber Security Industry?  FireCompass presents 50 Emerging Cyber Security Vendors to look out for in 2018. We don’t claim this is exhaustive list because there might be a possibility that we might have misse

Application Security has emerged over years both as a market as well as a technology. Some of the key drivers had been the explosion in the number of applications (web and mobile), attacks moving to the application layer and the compliance needs.

Fo

• Cyber risks have evolved significantly over the last couple of years across industry sectors. Cybersecurity  is  a  matter  of  growing  concern  as  cyber-attacks  cause  loss  of income,  sensitive  information  leaks,  and  even  vital  infrastru

• Explore in-depth Use Cases of Next-Gen Security Information and Event Management (SIEM) – Part 2 of 3 series.

What will you learn:

• Tools and techniques – understanding the taxonomy
• Top use cases for the SOC
• Attack surfaces
  • Insider threat
  • Credent

Most organizations are using multiple cloud applications daily (by some estimates 100+). These applications need to be closely monitored based on the risk they pose and the purpose they serve. Here are some key security metrics which can help you mo

While the proliferation of the BYOD trend has been bonus for businesses in terms of cost savings to productivity gains. But for IT departments, security and compliance is a headache as they scramble to catch with the mobility requirements of workfor