Compliance

PCIDSS Compliance For Mobile Application

PCIDSS COMPLIANCE FOR MOBILE APPLICATION WHAT IS PCIDSS PCI DSS (Payment Card Industry Data Security Standards) standard developed in order to ensure the security of card data and to reduce card fraud. Companies that are PCI DSS compliant must obey specific rules and fulfil requirements (technical, procedural, etc.) defined by the PCI Security Standards Council….

VAPT

How To Pentest Firewall

How to pen test a firewall externally Firewall is a device or software which is responsible for filtering traffic of network. It can be implemented between trusted zone (Corporate Network Area) and untrusted zone (Internet). All the communication between trusted and untrusted zone flow through firewall and it grants or reject the access. I t…

Compliance

How ISO 27001 Will Make Your Cloud Secure

How ISO 27001 will make your Cloud Secure? Having a Cloud environment is becoming simpler day by day. But Management, Expansion, Monitoring, Regulating, Controlling, Security of Cloud has become real worry in any Organization who as of now have a Cloud domain. If Operations related to these are not legitimately taken care of then it…

Compliance

Fundamentals Of ISO 27001

What is the ISO 27001 standard? The ISO 27001 standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an organization’s Information Security Management System (ISMS) It is aligned with other management systems And it supports consistent and integrated implementation and operation with related management standard ISO Features ⦁ It has…

VAPT

E-commerce Website Pentesting Final

How to pentest e-commerce website Setting up an E-commerce system is a complex process. It is necessary to be protected and customer privacy at the top of your agenda as a Retailer. To maintain the integrity of the E-commerce system, Penetration Testing becomes compulsory. Penetration Testing or Ethical Hacking is a necessary step in ensuring…

Web Security

CSRF For Banking Apps-Final Updated

CSRF Attack For Banking Apps Cross-site request forgery vulnerability is currently ranked Number 8 on the OWASP Top 10 vulnerabilities chart and is a very common application-layer vulnerability to exploit. It’s also known as a one-click attack, Session Riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF. WHAT IS CSRF CSRF allows the malicious attacker to use…

Cloud Security

Cloud Star Certification For Cloud Services Providers

Cloud Star Certification for Cloud Services Providers 1.What is CSA STAR Certification? CSA STAR Certification is a unique new scheme developed to address specific issues relating to cloud security as an enhancement to ISO/IEC 27001. Whilst ISO/IEC 27001 standard is widely recognized and respected, its requirements are more generic and therefore there can be a…

Cloud Security

Cloud Application Pen Testing

Cloud Application Pentesting With the growth of cloud computing, Penetration testing deployment is becoming bit difficult due to its shared responsibility model. Cloud computing brings concept of shared ownership to penetration testing. We will discuss here about the cloud, as well as provide tricks and tips for pen testing it. Cloud using shared responsibility Here are two…

IoT Security

Basics Of IoT Security Threat Modelling

⦁ Basic of IoT Security Threat Modelling The Internet of Things or IoT as we call it can be treated as to be interrupting the interruption. IoT where all the non humans are both clients as well as servers is said to be on the edge of widely interrupting the most famous, Internet. There was…