Security Articles

Inconsistent Scan Results (Dynamic & Static)

Inconsistent Scan Results: Dynamic and Static Scans

Day in, day out, there are multiple dynamic and static scans in progress in the office. This has been the case for the past 4+ years. A couple of things remained constant while the time and team members kept changing: myself, and the routine complaint that the scan results are inconsistent. Be it dynamic or static, the scan results were inconsistent across time even when all other factors, like the code/app version, scanner settings, etc., remained unchanged.

With the scanners being proprietary, we had little means of understanding the internal details. What followed all this time was ticket after ticket after ticket on the vendor portal.

2014 Mega Breaches - A Review

Mega Security Breaches

The purpose of writing this article is to shed some light on last year's breaches in the world of Information Security. As Information Security professionals, it is our responsibility to protect our company's assets and our customers' assets from the world of breaches. At a recent cyber security conference, RSA president Amit Yoran's speech was one of the highlights; he pointed out the need for next-generation SIEMs. He mentioned that less than 1% of attacks were detected by SIEM. We always believe we are good and safe with the infrastructure we have. 2015 is going to be a challenging year in which more APTs and other sophisticated cyber attacks will be witnessed. Are our Security operations, or our customers' Security teams, well versed enough to deal with them?

Consider what would happen if, one day, we suddenly received a message like this one:

We’ve already warned you, and this is just a beginning.

We continue till our request is met.

Cross-Site Scripting - Expounded

Cross-Site Scripting

Through this article I would like to explain more about Cross-Site Scripting. For this, I will introduce two imaginary characters, Peter and Bob: Peter is a Network Security Engineer and Bob an Information Security Engineer. I will take you through one of their discussions about Information Security.

Peter – Hey Bob, what's up? How was last week? I was very busy last week. How's it going?

Bob – Hey Peter, nothing much. Last week was hectic. I was working on a presentation about Cross-Site Scripting. There were some new joiners in my team, so my manager wanted me to give a presentation on it and I was working on that.

Peter – Ohh.. Great.. So, some new learning. Can you explain something more about it to me?

Bob – Sure, so tell me where to start?

Peter – Shall we start with the basics of Cross-Site Scripting?

The Horse Refuses to Drink

There is an age-old saying: "You can take the horse to the water, but you cannot force the horse to drink." Reflecting on this, I could think of two reasons: either the horse isn't thirsty or .....

It's common knowledge that web applications today are the prime targets for an attacker. Across all reports you will easily see them taking the honours. Now consider the fact that knowledge about the types of attacks and the remediation measures is available across the net to an extent never seen before. Handy tutorials and remediation guides exist to assist developers in their fight against hackers. Trusted reusable components are available to avoid reinventing the wheel and to shorten development time. Scanners and tools are available that can perform line-by-line code reviews or testing with the latest rulepacks.

European Privacy Directive Explained


The European Union's privacy focus has been more broadly on the individual's right to privacy, regardless of industry vertical. The EU Data Protection Directive (Directive 95/46/EC) is stricter from a data protection perspective. This often becomes a challenge for MNCs: how to handle data, especially when they need to transfer it across international boundaries. These regulations include:

Enterprise Vulnerability Management Framework - Part 1

Enterprise Vulnerability Management Framework

The earth has been trembling for a while now; the great Himalayan quake has left the Nepalese dazed and razed. In India we have been rumbling for weeks now, and we are all scared of the unknown. No one can predict the timing of an earthquake.

My professional service line is equally unpredictable. I work in the area of software security yet I cannot predict a breach. I can map an organization with vulnerable-seismic zones and can quantify the severity of a breach (a la Richter scale) yet I cannot predict the exact timing of a breach.

Just as in an earthquake the great tectonic plates move and collide, vulnerabilities also connive to move in groups and expose an oceanic trench for the prying hacker, waiting with his fishing rod for a prized catch. Vulnerability management that is reduced to a mere vulnerability assessment is not adequate to secure organizations.

Commjacking - The latest trending Cyber Threat

Commjacking – The latest trending Cyber Threat

In the era of an ever more connected society, linked through WiFi and cellular networks, there is a recent cyber threat making the rounds named "Commjacking". It hijacks the communication between a device and the WiFi/cellular network the device is connected to. By hijacking the communication, attackers are able to eavesdrop on dialogues, intercept data exchanged to and from the device, and manipulate the data, or the device itself.
We usually assume that a wireless signal used by a mobile computing device is a trusted source of Internet access; however, criminal minds have started to abuse that trust by setting up fake wireless networks using the commjacking technique for nefarious ends. This is happening because interception techniques have become easily affordable, available as open source kits costing a few dollars. Once a mobile device connects to such a "hotspot honeypot", the attacker can start stealing data, including emails and financial transactions.

Insider Threat - A cyber security risk that cannot be outsourced


Today, are Boards concerned about the risk that insiders pose to their business through cyber-attack? Boards often ignore the risk arising from the enterprise's own employees. Who are these troublesome employees? Cyber insiders come from any part of the business. A recent study indicates that 36 per cent of the worst security breaches are caused by unintentional human error and 10% by intentional misuse of systems by the organization's own employees. This is not a trivial problem. Insider risk cannot be outsourced, nor can it be solved by technical solutions alone.

The Cyber Insiders are of three types:

Formats for Low Level Network Data

Low level network data

In the world of security, it is important to understand how various tools exchange information. This knowledge helps in extending existing solutions or creating valuable add-ons. This post describes some formats developed to represent data collected by security monitoring systems at the network level. Many of them have not been formally standardized, and further analysis is generally required to extract useful (i.e., actionable) information from them.

Cyber Security Insurance


Data security is any organization's top concern. Organizations invest in securing their business applications, IT systems and underlying networks to avoid data breaches and keep their own and their customers' data private and secure.
Organizations are also investing in insurance cover to protect themselves from cyber threats. Cyber insurance has been offered by insurance companies for some time now, and is effectively used to mitigate risk under the risk-transfer strategy. However, not many security professionals are aware of this, and they rarely offer it as a mitigating control to their customers.
Cyber security insurance is designed to mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage.
Cyber security insurance policies offered by leading insurance providers:
First Party Protection

