OWASP Top 10 - 2017 Revamp!

OWASP Top 10 - 2017 Revamp!

Finally OWASP is performing a revamp of the Top 10 web-vulnerabilities as per the inputs received from the community. For the first time the OWASP community have also shared the inputs received from different Security consulting/ services firms. Reading through the list, it gives a good idea on what kind

Are you using SIEM as a Service?

Are you using SIEM as a Service?

SIEM as a service; in the cloud - Is it possible? Is it a fad? Or, is it yet to evolve? While we are catching up on cloud transformations, and moving generously in someone's data center, someone's VM or container; SIEM as well joined the cloud market. And, out emerged

DDOS: Turn your Toaster Off!

Most of you are already aware of the fact that half of the internet went down (or slow), when a 'bad-hackers' group weaponized 'millions of insecure IOT devices' to attack a DNS provider. Personally from my browsing habits, I was largely effected by Twitter being dramatically slow while other sites

Target _Blank - The Infamous Issue

This is one of those vulnerabilities which hasn't got enough spotlight, and therefore vendors are still reluctant to fix it. Some of the vendors do not consider this a vulnerability at all. Here via this blog post, I would like to highlight this issue, and also possible workaround(s). What

NIST Digital Auth and Password Rules

Passwords are important and it's no secret that we are bad in finding complex passwords during sign-up processes. The initial idea of OneID, or OAuth is not doing very well for the common user, and therefore people are registering on 100s of websites - commercial, social networks, banks etc. without


    Recent Posts