Web Application Assessment Approach

The software application has become the critical digital assets which needs to be protected against attacks. Web applications must be available 24*7 and offer data access to customers, employees, suppliers and others. Majority of time web applications are internet facing. This may create new loophole in enterprise security. When hackers able to compromise web applications,… Read More Web Application Assessment Approach


Phishing is a type of Social Engineering technique where the attacker attempts to trick people into sending sensitive information (usernames, passwords, and credit card details) or make people send money or just download malware and gain access to the system by using email, text messages, phone calls or a fake website. In this post we will be covering… Read More Phishing

Application Security Assessment Methodology

In previous blogs we have discussed about basics of Information Security and CIA trades. Also we have covered important terminologies associate with InfoSec. Please revisit previous blogs for more clarity. Information security is universal sets which consist of, but not limited to, Risk assessment and Treatment, Incident management, Application security, Information security management system (ISMS),… Read More Application Security Assessment Methodology

Information Security

Information Security is a discipline of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. Security of information is important to most organizations of the day. Secured information and information assets enable organizations to function efficiently and effectively and achieve the goals. On the other hand security weaknesses, security breaches, violations… Read More Information Security