Blog

Log4j - A new java-based vulnerability has been uncovered

Application security testing is the process of detecting, repairing, and improving security practices to protect applications from threats throughout their entire lifecycle. Application security can assist organizations in defending all types of applications such as legacy, desktop, web, mobile.  Application security can be broadly classified into two SAS( Static Application Security) DAS( Dynamic Application Security) […]

WHAT IS FISMA? Abbreviated as Federal Information Security Management Act, FISMA was established as federal law by the government of the United States in 2002. It mandates the federal organizations to develop, document, and implement an information security and security program. In addition, FISMA drafts the guidelines for federal data and security standards. It also […]

WordPress is a secure platform for running your website as long as website owners adhere to best security practices. While the WordPress core is safe, there is still much that can be done to keep the website secure from threats. Given the popularity of WordPress, there is a lot more to be gained by WordPress […]

1. OSCP(Offensive Security Certified Professional) The Offensive Security Certified Professional (OSCP) is an ethical hacking certification that teaches penetration testing methodology and how to use the tools included with the Kali Linux distribution. The OSCP is a practical penetration testing certification that requires holders to successfully attack and penetrate various live machines in a controlled […]

Amazon Web Services (AWS) offers a product called CloudFront, which, when combined with AWS WAF, helps businesses protect their web applications from intrusion. However, during an engagement, it was discovered that the “SQL Database” payload could be bypassed. Why Modshield SB is a great AWS WAF alternate? When Modshield SB(Our very own Web Application Firewall) […]

Information security, abbreviated as InfoSec, is the process of safeguarding information by mitigating information risks. It’s a component of information risk management. It typically entails preventing or reducing the likelihood of unauthorized/inappropriate data access or the illegal use, disclosure, disruption, deletion, corruption, modification of information. Information security is achieved through a structured risk management process […]

Over many years, the vehicle and system development process have been refined to standardize specification and verification tasks. Road vehicles — Cybersecurity engineering focuses on cybersecurity risks in the design and development of car electronics.  Major components: The goal of ISO SAE 21434 is to build on the ISO 26262 functional safety standard and provide […]

Web Application Firewall filters web traffic between the internet and web application. WAF is based on a predefined set of instructions and customized according to the risk and specific needs of the web application. It analyzes the incoming packets and filters out possible threats at the application level. WHY DO YOU NEED ONE? With the […]

The Health Insurance Portability Accountability Act was established as federal law by the government of the United States to set the standard for sensitive data protection. Companies dealing with Protected Health Information(PHI) must adopt physical network and process security measures to ensure HIPAA compliance. Hospitals, doctors, clinics, psychologists, dentists, chiropractors, nursing homes, and pharmacies that […]