Palisade Magazine
 
Datamonitor Survey on Software Security Testing

May 2005

Datamonitor Survey on Software Security Testing

by Sangita Pakala, GCIH

In late 2004, Paladion commissioned Datamonitor to study the security testing trends among 68 ISVs. Here we present the results of the survey and share the white paper with you.… more →

Steganalysis

by Sonali Gupta, SANS GCIH

Steganalysis is the technology that attempts to defeat steganography—by detecting the hidden information and extracting or destroying it. Let us look at these interesting techniques that extract/destroys the hidden data from the Stego-object (the modified medium with the hidden information). … more →

Security Reverse Proxy

by Sam Varughese, CISSP

Web applications vulnerabilities are increasingly being used by attackers to compromise systems on the internet. This has created demand for a mechanism to secure web application without rewriting the whole application. In this article, we see how a security reverse proxy can be used to provide reasonable security for web applications in an organization.… more →

QuizQuiz: Masking Web Server Banners

How should I mask my web server’s banners to get enhanced security?

  1. Edit the server’s source code or the binary to change the default string
  2. Edit configuration files or install a plug-in to mask the banner of your server
  3. Never mind, obscuring banners doesn’t enhance security!

more →

Review: Technical Info

One of our favourite websites on application security, Technical Info hosts a large collection of papers by Gunter Ollman. Here’s an introduction to the website.… more →

On the blog recently

Past quizzes

  • Dec '05 : What’s the best strategy to validate the inputs in our application?
  • Oct '08 : How does a web server specify the life time for a page to the browser's cache?
  • Aug '05 : What kind of attacks does SSL prevent?
  • Jun '06 : How can we prevent directory traversal attacks on the web servers?
  • Oct '05 : Which logging mechanism is best to trace back to the culprit in case of an application fraud, for example, when a fraudster may have illegally transferred money from somebody else’s account to his own account?

Search this website

 Search website

Stay Informed

Want to know when the new issues are out? Just fill in your details, we will take care of notifying you when new issues are released:




Subscribe  Unsubscribe

Write to Us

All flowers, brickbats and suggestions are welcome. You can put in yours on the feedback page.

News & Events

  • 03.03.10. Binu Thomas, CTO Plynt, presented at the RSA Conference 2010 on the topic “Application Security Across the Enterprise: Lessons from the Trenches”. This is the fifth time Paladion has been invited to present here.
  • 25.12.09. Plynt has been selected as a finalist for Red Herring’s Global 100 award, a prestigious list honoring the year’s most promising private technology ventures from around the world.
  • 10.12.09. Deloitte Fast 50 India features Paladion 4 years in a row. The ranking of the 50 fastest growing technology companies places Paladion in the 19th spot.
  • 21.05.09. ICICI Bank and Paladion Have Been Awarded the Best Banking Security Systems Project by the Asian Banker IT Implementation Awards Program
  • 20.04.09. Info Security Products Guide Names Plynt Certification Program Winner of the 2009 Tomorrow’s Technology Today Award