To select the best IT GRC tool or solution for your organization, you need a checklist of all its Use Cases. Prioritizing them and then weighing ease of implementation can help you choose the best IT GRC solution. Here are a few Use Cases to
All Posts (2226)
Hello, dear readers. Recently we finished our series of articles on how to secure SAP systems from XSS vulnerabilities. Having had great success with the previous series, I decided to launch another series of articles called “SAP Security for CISO
No doubt you have heard about Chrysler’s recall of affected cars, as it appeared in all the top media. You’ll be even more surprised if you see how many recalls happened because of technical issues in recent months. But there is something that we may m
- Acceptable Use Policy
- Supported Devices
- IT Staff & Support Provided
- Costs & Reimbursements
- Security Controls
- Ownerships & Liabilities
- Disclaimers
- Define activities acceptable
General
When did we do our last data inventory check?
Secure Development
Do we follow a secure SDLC? Is security looked into from scratch?
What is the cycle of application testing?
What are the most major security vulnerabilities/flaws existing
SAP has released the monthly critical patch update for July 2015. This patch update closes a lot of vulnerabilities in SAP products, some of which belong to the SAP HANA security area. The most popular vulnerability is Missing Authorization Check. Thi
Last Wednesday Harvard University announced that on June 19 an intrusion on the Faculty of Arts and Sciences and Central Administration information technology networks was discovered. According to the announcement on the Harvard website, this breach affected
Incident Response is pretty much the same; however, the first few hours can be vital and only high-priority actions can save the situation. Since this is a Security Breach, it is of the highest priority and must be treated at the highest escalation level.
Here's a list of the world's best and most popular IT security conferences. Details such as tentative time, pass price and location are mentioned so you can plan your calendar.
Top IT Security Conferences In The World:
1. Black Hat
Claims to be the mo
Convincing the board to spend on security initiatives has always been challenging. The ROI being very complex, the information security world is often overlooked. Here's a template to help structure the IT security content for the Board.
Key Con
Here is a comprehensive checklist to Evaluate SIEM Vendors. We highly appreciate this community contribution.
by Sunil Soni, CISO, Punjab National Bank
Vendor Selection Framework For Integration Of Threat Intelligence With SIEM
Key Selection Cr
Technical Skills:
Major Areas Of Focus:
- Incident Response
- Computer Forensics
- Network Security
- Secure Architecture
Conceptual (Understand How-It-Works):
- Fundamental security conce
The future of tech looks so promising that we may be living in sci-fi super soon. So, I thought of covering some mind-blowing concepts, some of which may have already taken shape:
- Google Automated Cars
This is a very popular project and the interesting thi
Recently, HP published their yearly Cyber Risk Report 2015. While the report spotlights many typical things, such as the growing number of ATM and IoT security events, we have found some parts that are relevant to business application security, whic
Intro
On the 11th of May, a security headline broke in the news: an attack on USIS (U.S. Investigations Services), potentially conducted by Chinese state-sponsored hackers via a vulnerability in SAP software. Hackers broke into third-party
The peace, prosperity and economic development of any nation depend upon its critical infrastructure and how well-protected it is. These critical infrastructures are distributed physically and virtually in space and time. The Supervisory Control and
In our previous article we covered how SAP ABAP Security Storage works. Today’s post is dedicated to SAP HANA Security Storage.
SAP HANA is a recent key product of SAP. It is a software solution based on in-memory technology that reduc
The next leap second (the 26th) will be on 30 June, 2015. The last one was on 30 June, 2012.
What Is It?
Earth's rotation around its own axis is slowing down, so we need to leap a few seconds to catch up. Occasionally seconds are added to UTC to comp
With this article we are starting a new series of posts reviewing one of the most frequent vulnerabilities, which affects a lot of SAP modules: cross-site scripting, or XSS. XSS is by far one of the most popular vulnerability indeed in all produc
April 17, 2015 – As part of its monthly updates, Microsoft released security update MS15-034, which closes a vulnerability in the HTTP.sys driver that enables an attacker to execute arbitrary code on the OS remotely.
This update has a critical status as almost eve
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.