August 2010
Cloud Computing Security
by Sanjeev Verma
Before diving into the security aspects of cloud computing, let us first understand the basic concept of cloud computing. In cloud computing, cloud stands for internet and computing means using computer technology, hardware, and software, i.e. using or sharing the computer technology, hardware and software over the internet. Different cloud service models are as follows:… more →
Why Static Analysis?
by Vivek Shetti
XYZ organization had their critical financial application tested by an information security company. The tests found that the application had adequate security controls in place for protection against hackers. Even the web server on which the application was hosted was well-protected. A week later, the application was hacked and important financial details were compromised. On analysis, it was found that the attacker gained entry into the application through a backdoor that allowed him to access the application as a high-privileged user.… more →
Thinking Beyond Security Assessments
by Kumar Manivel
Security assessments have been performed for my entire infrastructure and applications, what else? Most of the time, we see that customers feel completely safe after a security assessment of their infrastructure. However, this should not be the case, because factors such as frequent changes in organization infrastructure, various patch releases from software and hardware vendors, new (untrained) employees, and new security threats, will lead to security breach. Security is not a product but a process.… more →