Author: Admin

Security Awareness Training Requirements Of PCI DSS

Security awareness is one of the key drivers that led to PCI DSS 3.0. In this article, we will learn about the requirements that are essential for organizations to fulfill this PCI DSS requirement. What does PCI DSS say? PCI DSS has clearly stated in requirement number 12.6 to “implement a formal

WordPress Hardening

Listed below are many changes that can be implemented on any host and will greatly increase the security of your WordPress installations.
If your WordPress is already hacked
Enable WordPress auto updating
In order to stay secure, you should always use the latest version of WordPress. You can enable auto-updates by adding or changing

PCI DSS Penetration Testing Requirements Detailed Explanation

PCI DSS Requirement 11, commonly referred to as the “Pentest requirement,” mandates that any company that processes, stores, and transmits electronic card transactions conduct one PCI penetration test annually. Additionally, the requirement states that organizations must conduct a penetration test each time a significant change occurs to network infrastructure or applications. What is deemed “significant” depends on an entity’s risk

Android Application Penetration Testing

Smartphone users are exposed to various threats when they use their phones. These threats can disrupt the operation of the smartphone, and transmit or modify user data. For these reasons, the applications deployed there must guarantee the privacy and integrity of the information they handle. Mobile security involves protecting both personal and business information stored

Heartbleed Vulnerability

Many of us have been hearing the word Heartbleed and are wondering what it is, how severe it is, and why everyone is talking about it. Here we are going to discuss this much-discussed vulnerability and how to test for it. The majority of online services use OpenSSL, a security standard that encrypts the communication between

Choosing Your PCI Compliance Pen Testing Vendor

Before getting into PCI compliance pentesting, let’s have a small introduction to PCI DSS. PCI DSS is mandated by the major card brands like Visa, MasterCard, American Express, JCB and Discover and is administered by the PCI Security Standards Council (PCI SSC). Any organization/vendor/company that processes payment by means of debit

Implementing ISMS Framework Like ISO 27001

Information security is becoming more and more important as more than 80% of corporate data resides in IT systems. More corporates and financial institutions are making it mandatory for their third parties to implement an Information Security Management System (ISMS), preferably ISO 27001, to ensure the data managed by the third parties is protected from unauthorized disclosure, unauthorized

HTTP Proxy Vulnerability And Mitigation

HTTP proxy, also called Httpoxy, is a scripting vulnerability that affects server-side web application code running in Common Gateway Interface (CGI) environments such as FastCGI configurations, in programming languages like PHP, Python, Go, etc. VendHQ researchers named this vulnerability Httpoxy. Httpoxy is described as a set of vulnerabilities caused by a simple namespace conflict: RFC 3875 (CGI) puts

PCI DSS V3.2 – Changes Overview

Almost a year after the release of PCI DSS V3.1, yet another upgraded version has been introduced by the Payment Card Industry Security Standards Council: PCI DSS V3.2. Every time a new version is released, much new functionality is added and it focuses on some major criteria. When PCI DSS V3.1 was released last year

Website Security – An Overview

Website Security is not just a word but a serious issue to look for. Nowadays everything is connected to the web and literally, you can do whatever you wish through the web like marketing, advertising, selling, purchasing, getting solutions, learning, working, earning, fund transactions, etc. Almost all the needs of people are catered through the
