Image
1.8 K
Views
11th October 2018 1826

DevSecOps in the age of the cloud

In DevOps, the application is often releasing new features and functionalities. In every release, the business needs are deployed in the cloud for flexibility and service delivery but often they are skipping the information security service in completing the organisation’s on-time release

Image
5.3 K
Views
11th October 2018 5269

Server-Side Request Forgery-SSRF

Server-Side Request Forgery (SSRF) refers to an attack, wherein an attacker can send a maliciously crafted request from a vulnerable web application

Image
1.4 K
Views
9th October 2018 1421

PCI-DSS_3.2 - 2018 Changes

The Payment Card Industry Data Security Standard (PCI DSS) was developed to follow the policy and standards of cardholder data security which consistent data security measures globally

Image
1.7 K
Views
9th October 2018 1654

From tech-to business-driven security

In today’s digital world, IT security strategy must be transformed into Business-driven security strategy to prevent failure of vital digital transformation projects which will become irrelevant to the business model of an organisation.

Image
1.6 K
Views
9th October 2018 1602

NIST Cyber security Framework

The Framework offers an agile way to address cybersecurity, including cybersecurity’s effect on physical, cyber, and people dimensions. It applies to organisations relying on technology

Image
2.4 K
Views
9th October 2018 2360

Sparta

Sparta is a Python based GUI application and it’s a network infrastructure pentesting tool by aiding the pentesters in performing scanning and enumeration phase

Image
1.5 K
Views
8th October 2018 1481

Critical Corporate Cyber Security Risks-A Data-Driven List

It is a well-known fact that most of the corporate organisations have been the target of black-hat hackers and hacktivist groups, and they were experiencing data breaches, server compromise etc.

Image
12.6 K
Views
8th October 2018 12622

SQL Injection -Using Burp Suite

SQL injection is an attack when an attacker persuades to “inject” his harmful/malicious SQL code into someone else’s database, and force that database to run his SQL

Image
3.2 K
Views
6th October 2018 3156

Command Execution Attacks on Apache Struts server CVE-2017-5638

Apache Struts is a free, open-source, MVC framework for creating elegant and modern Java web applications.

Image
4.8 K
Views
6th October 2018 4823

Cross Site Port Attack XSPA

A web application is helpless against Cross Site Port Attack if it forms client provided URL’s and does not disinfect the backend reaction obtained from remote servers previously while sending it back to the client.

Image
3.8 K
Views
3rd October 2018 3813

CWE-79 Improper Neutralization Of Input During Web Page Generation Cross-Site Scripting

Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications.

Image
2.4 K
Views
3rd October 2018 2386

CWE-78 Improper Neutralization Of Special Elements Used In An OS Command Injection

OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.