AS400/iSeries Security: Are you Marked safe?

Sep 29, 2021

Evolution is gradual. It happens uninterrupted in the background, the immediate effect of which might seem negligible but when collated over years, the results are gigantic....

read more
Robotics Process Automation – Revolutionizing IT Industry

Nov 14, 2017

Within IT organizations or any other industry, automation is the new entrant and is here to stay!Robotics Process Automation – giving way to Artificial Intelligence?  A speedy approach? Or error free technology? Or Productivity?According to industry statistics, 30-40% of project costs are rework. Automation is a natural er...

read more
Insecure Direct Object References – Closing the doors

Mar 04, 2015

We have all worked on scenarios where we grant system object access to certain users based on the parameter, provided by them. Sometimes, the user just changes the parameter passed as input intelligently, and she gets access to some restricted documents or db data.For example, you should not be able to see your manager’s review ...

read more
Cross-site Scripting (XSS) – Focus on validation for web applications

Feb 20, 2015

As a part of this security series, I had posted previously about SQL injection, and how this simple concept can manifest itself into a major security concern.  This blog post will focus on validation of input and output in a web application.In web-application it has been noticed that we validate the input most of the time. This ...

read more
SQL Injection – A simple query which can manifest as a security concern

Jan 27, 2015

In my previous blog,  I focused on the security issues associated with broken authentication and session management concerns. Here I shall focus on the security and the vulnerability quotient of an application.I will discuss about the threats and their possible solutions. I will also mention few tools that aid the hacker in outs...

read more
Broken Authentication and Session Management – A security concern

Dec 19, 2014

This blog post showcases the need for protecting user’s password, the password habits that the application should enforce to the end user, and the practices that a developer should follow to secure a user’s information, especially the session information. This blog will also focus on aspects of session management.Some key ...

read more
Network security, a change in approach for the cloud

Aug 28, 2014

When an organization built and controlled its own networks, it was imperative that the security would vary and was largely dependent on the organization requirements. But, with a cloud infrastructure setup, the security methodology and requirements change significantly. And many of those who try to attempt to tackle the issue th...

read more
5 myths about cloud security

Mar 28, 2014

Speaking of security concerns with Infrastructure as a Service provider, there are many who believe cloud service providers will provide better security, and there are others who believe there will be greater risks associated with cloud usage, such as data breaches and cloud services abuse. There are many myths associated with c...

read more
How can infrastructure as a service provide cloud security?

Mar 21, 2014

Speaking of security concerns with Infrastructure as a Service provider, there are many who believe cloud service providers will provide better security, and there are others who believe there will be greater risks associated with cloud usage, such as data breaches and cloud services abuse.There are many myths associated with cl...

read more
Latest Prescription: Hybrid Cloud

Sep 11, 2013

Cloud computing comprises broadly of Public, Private and Hybrid clouds. Healthcare companies have been predominantly using private clouds in the past to adhere to prevalent data security norms. HIPAA and HITECH acts require that electronic protected health information (ePHI) be stored and processed in a secured manner and not sh...

read more