Category Archives: Articles

Business case to convince Management for Security Incident Response center

Today i am reading through mandiant document named ‘Planning for Failure”. It contains real data that emphasizes on breaches and necessity to plan for failure to protect. For any company or security consultancy that real data can be used for … Continue reading

Posted in Articles, Security Management | Tagged , | Leave a comment

PCI Compliance Dashboard guiding PCI Compliance journey

A well composed guide for PCI Compliance, it includes “SANS Top 20 Critical Security Controls” and many others. It helps giving simple and clear guidelines for ensuring security for any organization irrespective of PCI compliance mandate. It can be downloaded … Continue reading

Posted in Articles, Resources, Security Management | Tagged | Leave a comment

Leaveraging Third Party Intelligence to protect your organization

While Having a good traditional secure architecture is important and also very important to have Third Party intellegence to foster security of your organization. Gone are the days reactive security handling protect your organization. Being proactive is highly needed and … Continue reading

Posted in Articles, security, Security Management, Uncategorized | Leave a comment

A Way to get private information out of Europe

As a security incident responder,EU Privacy laws is always a barrier dealing with a security incident involving a device/person in Europe. It sucks. US Safe harbor is a way to get that information legally where in your organization which is … Continue reading

Posted in Articles, Security Management | Tagged , , | Leave a comment

Superb Automated Malware Binary Analysis Service – Figure out what malware does in minutes

These days, malware are VM aware to defend against automated analysis tools such as anubis, cukoo. And these automated analysis are based on behaviour analysis of malware that gives only tip of what actually it does as they are now … Continue reading

Posted in Articles, Notes, security | Tagged , , | Leave a comment

Data Loss Prevention

DLP Technology is just a technology and is effective when implemented with business case driven by specific requirement.     Full notes – HERE

Posted in Articles, Notes, security | Leave a comment

Oh Shit.Yahoo mail is XSS vulnerable stealing cookies – zeroday

Just seen a yahoo e-mail exploit stealing yahoo cookie from yahoo email. This is no good.. Yahoo mail is XSS vulnerable as it failed to validate FROM field Email Header You receive a email exploit and you open in it … Continue reading

Posted in Articles, security | Tagged , | Leave a comment