Its All About Ethics
Its All About Ethics
Cloud services offer great scalability and flexibility. However, for a company, the adoption of cloud services is challenging as it raises concerns about security. Even though being ISO 27001 certified, if a company is using or providing cloud based services,…
Test cases for SQL Injection via ORM Sink What is an SQL injection? SQL injection (SQLi) is a major or one of the top OWASP application security weakness that allows attackers/hackers to inject, gain control in an application’s database and…
SOC for Service Organizations reports are designed to help service organizations that provide services to other entities, build trust and confidence in the service performed and controls related to the services through a report. Each type of SOC for Service…
In an industry running on Active Directory, if there is an espionage that needs to be investigated, a critical analysis of AD settings is important. Active Directory is the backbone of identities for many organizations around the world, but it…
Confidentiality is the term used to describe information/data privacy which means the information is not made available or disclosed to unauthorized entities or individuals. Integrity is the term used to describe information/data accuracy and completeness throughout its lifecycle. That means…
HIPAA Compliance for Mobile Apps With lots of mobile apps handling or processing PHI (Personal Health Information), the HIPAA (Health Insurance Portability and Accountability Act) compliance is becoming a mandate for such apps. This article brings clarity informing what all…
Major attacks • Back-door: A back-door attack takes place using asynchronous external connections or dial-up modems. Here, the strategy is to gain access to a network through bypassing of control mechanisms and getting in through a backdoor such as a…
Security threats 1. Misuse of Cloud Computational Resources: In order to conduct cyber-attacks on computer systems, a large amount of computing power is required. So, hackers use multiple computers to develop higher computing power. This is a complicated case which…
Cloud Delivery Models In a IaaS model too, infrastructure is provided to run applications. The cloud computing approach provides a pay-per-use model for the client and he/she can also scale the service depending on demand; i.e., you have to pay…
We at Valency Networks, keep on studying various attack patters, while performing application security penetration testing for our customers. We also keep an eagle’s eye on the attack that are gaining momentum, resulting into credible damages. This blog is an…