Here's a small classification of Types Of Threats In Application Threat Modeling. This was earlier presented in SACON (International Security Architecture Conference) by Nilanjan De [Multiple patents, Zero Day Discovery, Co-Founder at FireCompass]
All Posts (2678)
Sort by
With Big Data and Behavior Analytics advances, the need of an SIEM at the enterprise level may be a question. This question is addressed in this report. It analyses, dissects and tries to find out the pros and cons of both sides.
Why R
This report gives insight into 4 key cyber security incident trends observed in 2015. Includes top insights and detailed analysis of each attack and how one could prevent their organisation from being a target as well as mitigation.
A ransomware attack crippled hundreds of computer networks across the globe. The systems were shut down and rendered useless until the attackers received the “ransom” through money transfer on Bitcoin. The ransomware essentially encrypts the files on
Building a new SOC capability may involve lot of planning and would attract huge initial investment.
While there are multiple approaches to address this, given below are some of the simple steps one can follow:
1. Understanding Business Goals, type of
Author - Sanjay D. Tiwari, CISO, Suryoday Small Finance Bank
Prioritizing the handling of the incident is perhaps the most critical decision point in the incident handling process.
Incidents should not be handled on a first come, first served basis b
In this Forrester's report they identify and analyze 13 significant firms in the IT security consulting services - Accenture, Atos, BAE Systems, Dell SecureWorks, Deloitte, EY, HPE, IBM Security Services, KPMG, Protiviti, PwC, Verizon & Wipro
Why
Organizations around the globe are investing heavily in cyber defense capabilities to protect their critical assets. Whether protecting brand, intellectual capital, and customer information or providing controls for critical infrastructure, the means
As mobile gains more capabilities and access to company data, mobile devices continue to play an important role in how workers do their jobs. Information workers are no longer tied to their PCs — smartphones, tablets, and laptops give them the flexib
Author - Tushar Vartak, Director Information Security, Rak Bank
Since 12th Apr 2017, a Ransomware exploiting MS17-010 has been wreaking havoc worldwide.
Precautions to be taken:
1 - Patch Management
- Ensure all Workstations and Servers have th
On 12th May, 2017 a Ransomware attack named as “WannaCry” Ransomeware, one of the largest ever cyber attacks - was reported, infecting the 19 trusts of NHS (National Health Services) in UK and infecting computers in many other countries including Spa
SACON is India's 1st & Only Security Architecture Conference. With over 100 participants, this was the second year of SACON and here are a few highlights we wanted to share with you. It was held on 12 -13th May, Hotel Hyatt, Pune, India.
We had with u
Speaker: Nilanjan De [Co-Founder @FireCompass]
Please Note - Speaker presentations represent the views of the individual speakers and not of CISO Platform or their employers
Speaker: Arnab Chattopadhayay [ Senior Director @Capgemini ]
Please Note - Speaker presentations represent the views of the individual speakers and not of CISO Platform or their employers
Speakers: Nagasai Arun Panchakarla [ Co-Founder @SensiBridge ], Sri Chakradhar K [ Co-Founder & CTO @Entersoft ]
Please Note - Speaker presentations represent the views of the individual speakers and not of CISO Platform or their employers
Speaker: Raj Gopalakrishna [ Co-Founder & Chief Product Architect @Acalvio Technologies ]
Please Note - Speaker presentations represent the views of the individual speakers and not of CISO Platform or their employers
Speaker: Sujata Tilak [ Managing Director @Ascent Intellimation Pvt. Ltd. ]
What Will You Learn ?
- IIoT Security Standards
- CyberSecurity Requirements
- GOI - Draft Policy On Internet Of Things
- ISA / IEC 62443 Standards
- Application Of Standard to IACS
- Overlay
Speaker: Ajin Abhraham [ Security Engineer @Immunio ]
What Will You Learn ?
- Appsec Challenges
- State Of Web Framework Security
- How WAF Works
- WAF Problems
- Evolution : WAF -> SAST -> DAST -> IAST -> RASP
- Types Of RASP
- Monkey Patching
- Lexical Analysis & Token Gen
This was presented at SACON - The Security Architecture Conference - largest security architecture conference in the region. You can find the full presentation here.
Speaker: Chandra Prakash Suryawanshi [ SVP @Aujas Networks Pvt. Ltd. ]
You can view on
What Will You Learn ?
- Dissecting detection systems
- why do we need 'analytics'
- learning systems
- anomaly/ heuristics / dictionaries
- machine learning use cases
- why Ml works / fails
Presentation: Threat Detection using Analytics & Machine Learning
Speaker: Shomi
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
Atlanta Chapter Meet: Build the Pen Test Maturity Model (Virtual Session)
- Description:
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
- Created by: Biswajit Banerjee
- Tags: ciso, pen testing, red team, security leadership
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
