Risk assessment (often called risk analysis) is perhaps the most difficult part of implementing ISO 27001, but at the same time, risk assessment (and its processing) is the most important step at the beginning of your information security project – it establishes the basis for information security in your company. The question is – why […]
Technological, production, and commercial data used by enterprises are expensive, and their loss or leakage can lead to serious financial losses. For the oil and gas complex (OGC), which is of strategic importance for the country’s economy, the price of the issue is especially high. Therefore, one of the goals for the industry is to […]
Privilege escalation is that attack in which an attacker exploits a software bug to gain access to a resource that is usually protected by the application or user, which leads to a change in privileges for malicious actions that are carried out with greater privileges than expected application developer and system administrator. Known attacks of […]
The essential guide to secure web development Developing secure and reliable cloud-based web applications is very, very difficult. If you think otherwise, you are either not of this world, or your life has not yet taught you a lesson. If you have already become infected with the idea of a “minimum viable product”. And consider […]
What does mean by Security Misconfigurations ? Security Misconfigurations arises when maintaining security settings are the default, Security misconfigurations can happen at any level of an application stack, including the platform, web server, application server, database, framework, and custom code.Security misconfigurations vulnerabilities could occur if a component is vulnerable to attack due to an insecure […]