Tag: penetration testing

PCI DSS Penetration Testing Requirements Detailed Explanation

PCI DSS Requirement 11, commonly referred to as the “Pentest requirement,” requires any company that processes, stores, and transmits electronic card transactions to conduct a PCI penetration test annually. Additionally, the requirement states that organizations must conduct a penetration test each time a significant change occurs to network infrastructure or applications. What is deemed “significant” depends on an entity’s risk

Android Application Penetration Testing

Smartphone users are exposed to various threats when they use their phones. These threats can disrupt the operation of the smartphone, and transmit or modify user data. For these reasons, the applications deployed there must guarantee the privacy and integrity of the information they handle. Mobile security involves protecting both personal and business information stored

Heartbleed Vulnerability

Many of us have been hearing the word Heartbleed and wondering what it is, how severe it is, and why everyone is talking about it. Here we discuss this widely talked-about vulnerability and how to test for it. The majority of online services use OpenSSL, a security standard that encrypts the communication between

Choosing Your PCI Compliance Pen Testing Vendor

Before getting into PCI compliance pentesting, let’s have a short introduction to PCI DSS. PCI DSS is mandated by the major card brands like Visa, MasterCard, American Express, JCB and Discover and is administered by the PCI Security Standards Council (PCI SSC). Any organization/vendor/company that processes payment by means of debit

Implementing ISMS Framework Like ISO 27001

Information security is becoming more and more important as more than 80% of corporate data resides in IT systems. More corporates and financial institutions are making it mandatory for their third parties to implement an Information Security Management System (ISMS), preferably ISO 27001, to ensure the data managed by the third parties is protected from unauthorized disclosure, unauthorized

PCI DSS V3.2 – Changes Overview

Almost a year after the release of PCI DSS V3.1, yet another upgraded version, PCI DSS V3.2, has been introduced by the Payment Card Industry Security Standards Council. Every time a new version is released, much new functionality is added and it focuses on some major criteria. When PCI DSS V3.1 was released last year

Firewall Penetration Testing – Part I

A firewall is a hardware device or software program that monitors and controls incoming and outgoing network packets/traffic based on a defined set of rules. A firewall is thus a network security system that helps protect the network environment from various forms of threats like hackers, worms, viruses, etc. that try to reach your

Simple Approach To Penetration Testing For Fintech’s

This article covers what Fintech is and what Fintech penetration testing involves. Fintech is a new name trending in the media and technology space. Even though this industry has been around since the previous decade, many tech-savvy people are still not aware of what Fintech is, as the term is only now becoming popular. Fintech or Financial

SOC2 Compliance – Penetration Testing

SOC means Service Organization Control, and SOC2 Compliance is one of the industry standards for service organizations working in technology, cloud services, etc. A SOC2 Compliance Audit is done to differentiate you from other organizations by identifying the validity of the controls, policies, and standards set forth without affecting the client’s internal controls over reporting, thus giving your clients the assurance to
