Amazon Web Services provides a sturdy set of controls on its own infrastructure, however, it is important to remember that you are responsible for the security of your own servers, not Amazon according to the shared responsibility model. As a part of the AWS shared responsibility security model, customers of AWS play a major role
Read MoreA Firewall is a hardware or software program that monitors and controls the incoming and outgoing network packets/traffic based on the set of rules made. A Firewall is thus a Network Security System that helps in protecting the network environment from various forms of threats like hackers, worms, viruses, etc. that try to reach your
Read MoreThis article deals with what is Fintech and Fintech Penetration Testing. Fintech is a new name trending in the media and technological area. Even though this industry has been from the previous decade till many tech savvy’s are not aware of what is Fintech as it is a term getting popularized now. Fintech or Financial
Read MoreSOC means Service Organization Control and SOC2 Compliance is one of the industry standards given for service organizations that are into technology, cloud service, etc. SOC2 Compliance Audit is done to differentiate you from other organizations identifying the validity of the controls, policies, and standards set forth without affecting the client’s internal controls over reporting and thus giving your clients the assurance to
Read MoreA firewall is a device that controls what get in and come out of our infrastructure network. The firewall is placed in between an organization network and the outside world. Testing for a firewall is basically an important part of penetration testing and in a security audit. Network scanning is the initial activity that should
Read MoreA bug that allows anyone a blindingly easy method of breaking that operating system’s security protections. Anyone who hits a prompt in Apple macOS High Sierra asking for a username and password before logging into a machine with multiple users, can simply type “root” as a username, leave the password field blank, click “unlock”, and
Read MoreApache Struts is all over again within the news for critical bugs in its code, and also the Apache software Foundation declared a critical remote code execution vulnerability within the widespread open-source framework for developing internet applications in Java. The vulnerability ID, assigned CVE-2018-11776 was first discovered in April of this year is a group
Read MoreThe Payment Card Industry Data Security Standard (PCI DSS) is an established standard that declares a set of Policies and Procedures designed to improve the security of payment cards and ensure cardholders against violation of their data.Certification of PCI from PCI DSS assures the protection of payment card information through a set of terms set
Read MoreThe beginning of the year has already witnessed a new vulnerability. Vulnerabilities in modern days help in leaking passwords and sensitive data. The hardware vulnerabilities allow programs to steal data that is currently processed on the computer while applications are not approved to read data from other programs. The hackers can take advantage by exploiting
Read MoreThis article explains GDPR penetration testing requirements and vulnerability scanning. The General Data Protection Regulation protects the personal data of individuals stored in all organizations’ databases regardless of their geographical location. GDPR requires the users’ personal data to be processed in a manner that ensures its privacy and security. This includes protection and prevention of
Read More
