IOT Vulnerability Assessment and Penetration Testing IOT, which is a buzzword in many business industries and also its becoming one of the most important trend…
ISO 27017 & ISO 27018 Compliance Documentation
Cloud services offer great scalability and flexibility. However, for a company, the adoption of cloud services is challenging as it raises concerns about security. Even…
SQL Injection Attack Via ORM Sink
Test cases for SQL Injection via ORM Sink What is an SQL injection? SQL injection (SQLi) is a major or one of the top OWASP…
SOC 2 FOR SERVICE ORGANISATIONS
SOC for Service Organizations reports are designed to help service organizations that provide services to other entities, build trust and confidence in the service performed…
Cyber Forensics – Active Directory Investigation
In an industry running on Active Directory, if there is an espionage that needs to be investigated, a critical analysis of AD settings is important….
Cyber Security Definitions
Confidentiality is the term used to describe information/data privacy which means the information is not made available or disclosed to unauthorized entities or individuals. Integrity…
HIPAA Compliance for Mobile Apps
HIPAA Compliance for Mobile Apps With lots of mobile apps handling or processing PHI (Personal Health Information), the HIPAA (Health Insurance Portability and Accountability Act)…
Cloud Fundamentals and Cyber Security Assessment -4
Major attacks • Back-door: A back-door attack takes place using asynchronous external connections or dial-up modems. Here, the strategy is to gain access to a…
Cloud Fundamentals and Cyber Security Assessment -3
Security threats 1. Misuse of Cloud Computational Resources: In order to conduct cyber-attacks on computer systems, a large amount of computing power is required. So,…
Cloud Fundamentals and Cyber Security Assessment -2
Cloud Delivery Models In a IaaS model too, infrastructure is provided to run applications. The cloud computing approach provides a pay-per-use model for the client…