Security Articles

Transition from DevOps to DevSecOps

DevSecOps is the practice of integrating and streamlining security practices earlier within the DevOps process. This can be achieved by replacing the traditional practice of working in silos with increased communication and shared responsibility for security processes during the various phases of the application/software development lifecycle. It helps identify security issues early in the development process rather than after a product is released.

Adopting a DevSecOps process will have the following benefits:

Security Intelligence: You miss, attackers hit!!

Today’s world is increasingly interested in analytics and automation. Likewise, security is focusing more on automating the generation of network alarms and on identifying threats and risks with real-time correlation and behavioral anomaly detection. The security requirement is to gather security information from across the organization and analyze it to automate threat detection, vulnerability identification, risk management, anomaly detection and forensic analysis.

Let’s look in detail, one by one, at what is covered in security intelligence and analytics:

1. Gathering security logs and relevant information from across the organization and having big data analytics capabilities is a must-have ingredient. We must be able to capture the necessary network traffic, endpoint and user behavioral data, application data, and threat intelligence feeds, so that we know very well what is happening in our environment.

Blockchain Technology - Digital Era

The blockchain is the new buzzword in today’s banking environment. A blockchain is basically a growing list of records, called blocks, which are linked using cryptography. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data (generally represented as a Merkle tree root hash). By design, a blockchain is resistant to modification of the data. It is "an open, distributed ledger that can record transactions between two parties efficiently and in a verifiable and permanent way".

Blockchain was invented by Satoshi Nakamoto in 2008 to serve as the public transaction ledger of the cryptocurrency bitcoin. The invention of the blockchain for bitcoin made it the first digital currency to solve the double-spending problem without the need for a trusted authority or central server. The bitcoin design has inspired other applications.

GOSINT – An open source intelligence gathering and processing framework

GOSINT – the open source intelligence gathering and processing framework. GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations 

GOSINT is an open source threat intelligence platform that helps us to identify and process threat intelligence. GOSINT analyses structured and unstructured threat intelligence and helps a security analyst to identify different Indicators of Compromise (IOCs), which can be fed into other tools like CRITs and MISP, or directly into log management systems or a SIEM.

For detailed information on GOSINT, please see the attached PDF file.

Authored By - Nadish Shajahan and Mohammed Farhan
TCS Cyber Security Practice

Moving to Cloud: Security Risks and Securely Adopting Cloud

In order to have a competitive edge in the market and to meet ever-growing customer needs, organizations are now switching to a virtual infrastructure, referred to as “Cloud Computing”, that offers more distributed, agile and flexible services than traditional computing.

NIST defines cloud computing as: “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” 

Microsoft SQL Server Database: Making Aware of Database Security

Securing your database from cyber attack is most important. Database security involves different types of mechanisms to protect the database against intentional or accidental threats.

Microsoft SQL Server provides various security models, including integration with Windows Authentication, to provide a robust security platform for managing your organization's information. Security can be managed across all database objects, including tables, views and stored procedures, and at a very granular level. Database encryption is now available as well to secure a SQL Server database at rest.

Please see the attached document to read more about Transparent Data Encryption, Backup Encryption, SSL Encryption, best practices to secure your SQL Server and more.

Errors in Security Technical Documentation: What Can Go Wrong?

Technical documentation is either the first or the last stop for users looking for authentic information. The main purpose of documentation is to link ideas, technologies, processes, and products with the people who need to understand or use the products, in an "audience-friendly" way.

With regard to technical documentation, the quality of the document should be built into the process. This is best done by detailing the requirements for the service, product or tool during technical documentation, as creation is one of the key aspects of it.

How to achieve quality?

Create a style guide: The style guide defines the language to be used. Defining this early on ensures that consistent, unambiguous words and phrases are agreed, which makes the document and review process simpler.

Are we still hesitant about the importance of security in wireless implementations?

In our day-to-day life, wireless technology such as Bluetooth and Wi-Fi plays an important role for individuals and for all organizations when it comes to deploying wireless networks, applications, and devices to improve employee productivity. But the concern is this: when confidential, personal and private data is flowing over a wireless path, how confident are we that our data is secure and is not tampered with or stolen in transit over the air? This is where wireless security becomes important for our home networks and for all organizations deploying wireless networks, applications and devices. This article sheds some light on the basics of wireless security and its importance.

Defense-in-Depth – What Strategy To Follow?

Defense in depth (also known as the Castle Approach) is an information assurance (IA) concept in which multiple layers of security controls are placed throughout an information technology (IT) system. It is the concept of protecting a computer network with a series of defensive mechanisms such that if one mechanism fails, another will already be in place to thwart an attack.

How to exploit Cross Site Request Forgery attack on web applications where request is posted in JSON format!

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state-changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.

Please see the attached PDF to read more about how a CSRF attack works and the recommendations to protect yourself against this attack.

