Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Indusface

Three Guiding Principles to Follow in Cybersecurity | (Sanjay - Executive Director, MSCI)

Here are some highlights of the conversation between Sanjay (Executive Director, MSCI) and Venky (Founder, Indusface). Sanjay has worked in Microsoft for over 14+ years and shares his experience on secure coding best practices & methods to handle customer-sensitive data.

What is Vulnerability Testing? Benefits, Tools, and Process

Software vulnerabilities are the most significant security risks organizations face today, and several critical vulnerabilities have been identified in 2023, including Apache Superset, Papercut, and MOVEit SQL Injection vulnerabilities. In the first quarter of 2023, AppTrana detected 24,000 vulnerabilities across 1,400+ sites.

iOS Application Penetration Testing Checklist [153 Test Cases in a Free Excel File]

Get Free iOS Application Penetration Testing Checklist Apple’s recent release of iOS 16 for the iPhone brings important new security features. Despite the inherent security features of iOS, additional measures, techniques, and guidelines can be employed to fortify the protection of user data and ensure privacy. Having previously covered the Android penetration testing checklist and security assessment, it is time to focus on iOS.

Webinar - Unveil and Protect the Most Vulnerable Subdomains, IPs, and Apps

Is your business unknowingly inviting #securitythreats? With multiple hidden weak links in an organization's #externalattacksurface, keeping track of them and avoiding them from getting exploited is an uphill task. In this webinar, Vivekanand Gopalan (VP of Product Management, Indusface) discusses best practices for finding weak links within an organization and building defense-in-depth around it.

Indusface Threat Coverage: MOVEit Transfer SQL Injection Vulnerabilities

Progress has recently raised concerns about multiple vulnerabilities in their MOVEit Transfer secure managed file transfer solution. These vulnerabilities have been publicly disclosed within the past several weeks, and the most recent one was reported on June 15, 2023. Notably, the latest vulnerability is claimed to be a zero-day SQL injection vulnerability. If exploited by an attacker, these vulnerabilities can lead to unauthorized access to the MOVEit Transfer database.

Dynamic Data Masking | (Sanjay - Executive Director, MSCI)

Here are some highlights of the conversation between Sanjay (Executive Director, MSCI) and Venky (Founder, Indusface). Sanjay has worked in Microsoft for over 14+ years and shares his experience on secure coding best practices & methods to handle customer-sensitive data. Key highlights from the discussion.

Android App Penetration Testing Checklist with 154 Test cases [Free Excel File]

Get Free Android App Penetration Testing Checklist With 2.9 million apps, the Android Play Store is the most widely adopted mobile operating system. With its vast opportunities, Android also draws the attention of malicious hackers who continuously seek to exploit weaknesses in mobile applications. Because of security concerns, Google has banned many apps from the Play Store. Building a secure Android app requires thorough mobile application penetration testing.

Over 2 million Websites Vulnerable to XSS Exploit (CVE-2023-30777) in WordPress Plugin

A zero-day vulnerability, denoted by the CVE identifier CVE-2023-30777, exposes a dangerous reflected cross-site scripting (XSS) flaw. This high-severity vulnerability has been discovered within the WordPress plugin (Advanced Custom Fields (ACF) and Advanced Custom Fields Pro). The CVE-2023-30777 exposes over 2 million installations to security risks, triggering widespread concern and anxiety among website owners and administrators.

Secure Coding Best Practices & WAAP for Application Hardening (Sanjay - Executive Director, MSCI)

Overview: In this podcast, Sanjay (Executive Director, MSCI) talks to Venky about secure coding best practices & methods to handle customer-sensitive data. He also shares why securing software isn't an accident and requires cautious efforts at an organizational level to make it possible.