Manufacturing companies are heading towards IoT (Internet of Things) at a fast pace. While most of the companies are focused on automating their production processes, they seem to be losing focus on one key element – information security. This article Read more…
IoT Vulnerability Assessment and Penetration Testing: IoT is a buzzword in many business industries, and it is also becoming one of the most important trends in the history of the software industry. IoT devices are physical objects that connect wirelessly to Read more…
Cloud services offer great scalability and flexibility. However, for a company, the adoption of cloud services is challenging as it raises concerns about security. Even when it is ISO 27001 certified, if a company is using or providing cloud-based services, Read more…
Test cases for SQL Injection via ORM Sink: What is an SQL injection? SQL injection (SQLi) is a major application security weakness, one of the top OWASP weaknesses, that allows attackers/hackers to inject, gain control in an application’s database and Read more…
SOC for Service Organizations reports are designed to help service organizations that provide services to other entities, build trust and confidence in the service performed and controls related to the services through a report. Each type of SOC for Service Read more…
In an industry running on Active Directory, if espionage needs to be investigated, a critical analysis of AD settings is important. Active Directory is the backbone of identities for many organizations around the world, but it Read more…
Confidentiality is the term used to describe information/data privacy, which means the information is not made available or disclosed to unauthorized entities or individuals. Integrity is the term used to describe information/data accuracy and completeness throughout its lifecycle. That means Read more…
HIPAA Compliance for Mobile Apps: With lots of mobile apps handling or processing PHI (Personal Health Information), HIPAA (Health Insurance Portability and Accountability Act) compliance is becoming a mandate for such apps. This article brings clarity informing what all Read more…
Major attacks • Back-door: A back-door attack takes place using asynchronous external connections or dial-up modems. Here, the strategy is to gain access to a network by bypassing control mechanisms and getting in through a backdoor such as a Read more…
Security threats 1. Misuse of Cloud Computational Resources: In order to conduct cyber-attacks on computer systems, a large amount of computing power is required. So, hackers use multiple computers to develop higher computing power. This is a complicated case which Read more…