Category Archives: Security Management

Threat Intel Program – Quick Reference

Cyber Attack Taxonomy Threat Intel Taxonomy Threat Intel Classification Strategic Operational Tactical The decision by a competitor or potential competitor to enter your market space (e.g. a foreign competitor’s new five-year plan now shows interest in developing a domestic capability … Continue reading

Posted in Resources, security, Security Management | Leave a comment

Business case to convince Management for Security Incident Response center

Today i am reading through mandiant document named ‘Planning for Failure”. It contains real data that emphasizes on breaches and necessity to plan for failure to protect. For any company or security consultancy that real data can be used for … Continue reading

Posted in Articles, Security Management | Tagged , | Leave a comment

PCI Compliance Dashboard guiding PCI Compliance journey

A well composed guide for PCI Compliance, it includes “SANS Top 20 Critical Security Controls” and many others. It helps giving simple and clear guidelines for ensuring security for any organization irrespective of PCI compliance mandate. It can be downloaded … Continue reading

Posted in Articles, Resources, Security Management | Tagged | Leave a comment

Leaveraging Third Party Intelligence to protect your organization

While Having a good traditional secure architecture is important and also very important to have Third Party intellegence to foster security of your organization. Gone are the days reactive security handling protect your organization. Being proactive is highly needed and … Continue reading

Posted in Articles, security, Security Management, Uncategorized | Leave a comment

A Way to get private information out of Europe

As a security incident responder,EU Privacy laws is always a barrier dealing with a security incident involving a device/person in Europe. It sucks. US Safe harbor is a way to get that information legally where in your organization which is … Continue reading

Posted in Articles, Security Management | Tagged , , | Leave a comment

Practical Penetrating Testing in short

Penetration Testing as defined as per http://www.pentest-standard.org Pre-engagement Interactions Intelligence Gathering Threat Modelling Vulnerability Analysis Exploitation Post Exploitation Reporting   Vulnerability Analysis Mindmap  

Posted in Articles, Notes, Security Management, Tutorials | Tagged | Leave a comment

Whats the key to handling threats

what every company has in common with all required security in practice? – not just good thing but right thing 1)Understanding threat 2)Counter measures We are protecting, but detection is a MUST Detection – identify deviation in outbound traffic Any … Continue reading

Posted in Articles, security, Security Management | Tagged , , | Leave a comment