It disappoints me to see the huge focus on technology Not a criticism of the site or the people posting but a reflection of the, misguided, view that information is "owned" by technology because they are the people providing the mechanisms to process
All Posts (2024)
Sort by
We use security products to secure our systems and our businesses. However, the very security products we use, can themselves have vulnerabilities which can leave us susceptible to attacks. We conducted a study recently to understand the vulnerabilit
This is a fundamental principle of the data privacy jurisprudence that the organization cannot disclose personal information without having prior consent of the data subject unless it is required by law. Global data privacy laws imbibed this principl
CISO Platform today announces the initiative to acquire the rights of “Top 100 CISO Award”. Top 100 CISO Award is the industry’s premier award to recognize the top Chief Information Security Officers and IT Security Professionals.
“Top 100 CISO
Social Media has been the buzz word recently. While I am writing this post, there are more than 500 million active users accessing Facebook and 50% of active users log on to Facebook at least once a day from their office, home , coffee-shop , school,
Gone are the days when Open Source software (OSS) was only being used in educational institutions like universities, research organizations etc. Today most organizations use open source for a variety of reasons such as accelerating time-to-Market, re
Why do we need a CISO Handbook?
- There is no single consolidated source of comprehensive and precise operational knowledge that a CISO would need.
- CISOs need to browse through a sea of information to find what is relevant to them.
- CISOs feel the nee
Writing not only functional but secure applications is not a new concept or idea that has taken the Industry by storm. However, many Government and Commercial Organizations are still not adhering to or requiring their Organizations to adopt, implemen
You must have heard about recent breach at LinkedIn, which led to exposure of 6.5 million hashed passwords available for download at hacker site. Many of such passwords were decoded and published on an un-authorized website. Feds are involved in inve
There is a common misconception that cyber criminals and hacktivists only target large enterprises to reap a bumper. The reality is actually very different, recently published surveys reveal that
- 84% of Small and Medium Businesses had a security breac
Our dependence on E-services has increased tremendously. All such services have the usernames and Passwords. This is main gateway for entry in to systems. Apart from that, transactional passwords. Even the password with secured and digital certified
1. Run Time Application Security Protection (RASP)
Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc and there is a great scope for a lot of these security features bei
A common question is why should we get a third party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits like traditional financial audits are better done
What is SAST?
SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.
What is DAST?
DAST or Dynamic Application Security Testing is the proc
Safe Penetration Testing – 3 Myths and the Facts behind them
Penetration testing vendors will often make promises and assurances that they can test your Web Applications safely and comprehensively in your production environment. So when performing P
The legal terms have specific meanings and connotations. Leave aside the specific jargon; there is ambiguity about the very basic terms, like law, rules and regulations. In this post I have made an attempt to unravel some of these basic terms.
Statut
Our special webinar by CISO Platform and WebSense, was a great success with over 120 CISO's registering for the webinar.
Key Areas Covered
- Which are the most commonly used data security controls?
- What are the best practices for an effective Data S
APT (Advanced Persistent Threats) is the talk of the town. There is too much of noise and confusion. Everybody wants to make money. Quite a few uses FUD (Fear Uncertainty and Doubt) to sell their products. I wanted to highlight the APT secrets which
Static Application Security Testing (SAST)
SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.
Pros
• SAST can pin point the code where
IT arena is like a security battle ground, where internet is fundamentally open considering the major far-ends like social media, mobility, cloud, virtualisation etc which leads to targeted attacks.
On any given day; any organisation can suffer irrepa
.png)
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
CISOPlatform Breakfast Meetup @ Philadelphia
- Description:
CISOPlatform is hosting Breakfast meetup @Reston
Topic: CISO Burnout & Stress Management: Addressing Through Mindfulness
Join us if you are interested.Register Here: https://www.cisoplatform.com/ciso-burnout-stress-management-roundtable
- Created by: pritha
CISOPlatform Summit 2024
- Description:
CISOPlatform Summit: Stronger Together As A Community.
Join us on 30th May, Thursday, Shangri-La at Bangalore
Register Here : https://events.cisoplatform.com/cisoplatform-summit-2024
- Created by: pritha
SACON + AICON 2024
- Description:
(Train Your Team) Trainings From Past Blackhat/Defcon/Nullcon Trainers
Register Here : https://event.cisoplatform.com/sacon/
- Created by: pritha
