All Articles

This blog will provide information about SAST or Static Application Security Testing and DAST or Dynamic Application Security Testing. And also answer the common question of SAST vs DAST.

What is SAST?

SAST or Static Application Security Testing is

Safe Penetration Testing – 3 Myths and the Facts behind them

Penetration testing vendors will often make promises and assurances that they can test your Web Applications safely and comprehensively in your production environment. So when performing Pe

I have seen several organizations trying to adopt secure SDLC and failing badly towards the beginning. One of the biggest reason is they try to use “Big Bang Approach”. Yeah, there are several consultants who will push you to go for a big project us

Acquisition of new security tools are not an easy task to handle. Some procurement activities are tedious and requires months of effort to select the right tool that meets all your expectations. In this blog, we are going to list out top 10 mistakes

Security Metrics are essential for quantitative measurement of any security program. Below, we’ve listed some security metrics (in no particular order) which can be used to measure the performance of your Vulnerability Management (VM) program. For d

This blog will provide the pros and cons of different types of Application Security Testing Technologies, and checklist to chose among them.

Static Application Security Testing (SAST)

SAST or Static Application Security Testing is the process of tes

What will you learn:

• Overview of data leakages
  • Cases
  • Risks
  • Solutions
• Protection against data leakages
  • Main challenges
  • Sources of data leakages
  • Tools and solutions
• Data Leakage Prevention systems
  • Core principles and technologies involved
• Layere

IT GRC is a very broad topic encompassing nearly all aspects of information security. In this blog, we’ve tried to list down some key metrics that you should be tracking as part of your IT GRC program. Like all metrics these can be tracked on a peri

This blog lists out 6 key metrics to measure the maturity and effectiveness of your Data Loss Prevention (DLP) program. All the metrics are operational and can be measured quantitatively to help you fine-tune your DLP program.

• Number of policy ex

• Today web applications are ubiquitous and in many cases, the primary source of engagement between the user and the organization. Traditionally, organizations relied on network security controls such as network firewalls and IDS/IPS as the primary de

• With the evolving threat landscape, breaches are becoming increasingly common. As per Ponemon Institute, in 2017, the average time required to detect a breach was 191 days and the average time required to contain a breach was 66 days. These time fra

With Ransomware attacks becoming increasingly frequent, we thought of putting together a list of technologies that can help organizations protect themselves against ransomware attacks. Please note that even though this blog discusses technology meas

SIEM tool is among some of the most complex security tools to manage and operate. Here in this learn about the key parameters which you can track to make your SIEM tool more effective:

1. Percentage reduction in False Positives/Negatives over a spec

• Explore in-depth Use Cases of Next-Gen Security Information and Event Management (SIEM) – Part 3 of 3 series.

What will you learn:

• Tools and techniques – understanding the taxonomy
• Top use cases for the SOC
• Attack surfaces
  • Insider threat
  • Creden

We have completed our selection of the final list of 50 emerging IT Security Vendors to look out for in 2017 from the 1500+ Vendors globally. Believe me this was not easy & we don’t claim this is exhaustive list as it probably will never be as we mi

• Encryption Technology is a process of protecting your sensitive data by converting it into encoded information which could be read only with a key. Endpoint Encryption technology ensures data privacy by encrypting data stored on your endpoints—incl

Here We are going to discuss about some of the top cyber security mistakes startups make. Thanks to the flourishing start-up ecosystem, there is a surge of entrepreneurs coming up with innovative and bright ideas and delivering great products and ser

• The world of cyber security is moving so fast, that it is important to keep yourself updated with the newest technology. There are numerous articles, newsletters,reports etc claiming to provide authentic information, but which one to trust ?! Hence,

• We have completed our selection of the final list of Top Indian Cyber Security Vendors to look out for in 2018 from all the vendors nationwide. Believe me this was not easy & we don’t claim this is exhaustive list as it probably will never be. But s

CyberSecurity Maturity of Indian Industries Show Grim Picture: Large Banks Score 61 & Online/FinTech Startups Score 8 (Out Of 100), As Per FireCompass Report

India, August 31, 2017 – FireCompass, a Cyber Security product company that specializes in