Security

Five Step of Incident Response

Leave a Comment / ECIH / By Tushar Panhalkar

Incident response may be a process, not an isolated event. so as for incident response to achieve success , teams should take a coordinated and arranged approach to any incident. There are five important steps that each response program should cover so as to effectively address the wide selection of security incidents that a corporation could experience. 1. PREPARATION Preparation is that the key to effective incident response. Even the simplest incident response team cannot …

Five Step of Incident Response Read More »

How to Prevent OWASP Top 10 Vulnerability

How to Prevent Owasp Top 10 Vulnerabilities

Leave a Comment / CEH / By Tushar Panhalkar

Introduction to OWASP Top 10 The Open Web Application Security Project, or OWASP, may be a nonprofit that strives to teach the cybersecurity industry (its practitioners, researchers, and developers) about prominent web application bugs and therefore the risks they present. Every three or four years, OWASP reaches bent the businesses and organizations with a high-level and wide-sweeping view of the foremost common and highest risk vulnerabilities for feedback on common and emerging threats. These contributors …

How to Prevent Owasp Top 10 Vulnerabilities Read More »

Analyzing IDS Logs

1 Comment / CHFI, Knowledge Base / By Tushar Panhalkar

Analyzing IDS Logs in this Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) are among the most sophisticated network security devices in use today.These systems’ logs contain valuable network threat information about attack types, devices being targeted, and more. Intrusion Detection Systems (IDS) are automated systems that monitor and analyze network traffic and generate “alerts” in response to activity that either match known patterns of malicious activities or is unusual. … IDS can be either network or host-based. In addition …

Analyzing IDS Logs Read More »

Understand Log Capturing and Analysis Tools

Leave a Comment / CHFI / By Tushar Panhalkar

Understand Log Capturing and Analysis Tools in this article explain different types of log capturing tools and analysis tools which are used in forensic investigation. Log Capturing and Analysis Tools Features: Analysis of log data, including SNMP traps, Windows event logs, W3C logs, text-based logs, Syslog, SQL Servers, and Oracle audit logs Provides specific reports for some of the major compliance acts as well as other standard reports Filter-enabled charts provide access to the important …

Understand Log Capturing and Analysis Tools Read More »

Understand Laws and Regulations

Leave a Comment / CHFI, Knowledge Base / By Tushar Panhalkar

Understand Laws and Regulations in this there are many laws that affect digital forensics investigation; for example, some jurisdictions have passed laws that require the investigator to be either a law enforcement officer or a licensed private investigator to extract the evidence. Of course, that does not prevent a forensic investigator from working with information someone else extracted or extracting evidence if the information owner gave his or her permission. It is important to be …

Understand Laws and Regulations Read More »

ISO 27001 Annex : 18.2 Information Security Reviews

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

Its objective is to ensure that information security is enforced and managed in compliance with organizational policies and procedures. A.18.2.1 Independent Review of Information Security Control- A proposed or major improvement should be taken into account internally for the organization’s approach to information security management and execution, (ie. control objectives, controls, policies, processes, and procedures for information security). Related Product : ISO 27001 Lead Auditor Training And Certification ISMS Implementation Guidance The independent review will be …

ISO 27001 Annex : 18.2 Information Security Reviews Read More »

ISO 27001 Annex : A.18 Compliance

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

ISO 27001 Annex : A.18 Compliance in this article explain Compliance with Legal and Contractual Requirements, Identification of Applicable Legislation and Contractual Requirements and Intellectual Property Rights this controls. A.18.1 Compliance with Legal and Contractual Requirements It’s objective is to protect against violation of legal, statutory, regulatory, or contractual obligations relating to information security and any other security requirements. A.18.1.1 Identification of Applicable Legislation and Contractual Requirements Control- Each of these information systems and organizations …

ISO 27001 Annex : A.18 Compliance Read More »

ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

Control- ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity In order to ensure accurate and productive to adverse circumstances, the company must review on-going controls on safety information defined and enforced at regular intervals. Implementation Guidance- Changes in organizational, technological, administrative and procedures, whether operational or framework, will lead to changes in the criteria for the continuity of information security. In such cases, the continuity of information security processes, procedures and …

ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity Read More »

ISO 27001 Annex : A.17 Information Security Aspects of Business Continuity Management

23 Comments / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

ISO 27001 Annex : A.17 Information Security Aspects of Business Continuity Management in this article explain Information Security Continuity, Planning Information Security Continuity and Implementing Information Security Continuity this contols. A.17.1 Information Security Continuity Its objective is the continuity of information security should be integrated into the business continuity management processes of the organization. A17.1.1 Planning Information Security Continuity Control – In adverse circumstances, e.g. during a crisis or a catastrophe, the company will determine …

ISO 27001 Annex : A.17 Information Security Aspects of Business Continuity Management Read More »

ISO 27001 Annex : A.16.1.5 Response to Information Security Incidents, A.16.1.6 Learning from Information Security Incidents & A.16.1.7 Collection of Evidence

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

In this article explain ISO 27001 Annex : A.16.1.5 Response to Information Security Incidents, A.16.1.6 Learning from Information Security Incidents & A.16.1.7 Collection of Evidence this controls. A.16.1.5 Response to Information Security Incidents Control- In the context of the documented procedures, information security incidents should be responded to. Implementation Guidance- A nominated point of contact and other pertinent people within the organization or external parties should be able to respond to information security incidents. The …

ISO 27001 Annex : A.16.1.5 Response to Information Security Incidents, A.16.1.6 Learning from Information Security Incidents & A.16.1.7 Collection of Evidence Read More »

Five Step of Incident Response

How to Prevent Owasp Top 10 Vulnerabilities

Analyzing IDS Logs

Understand Log Capturing and Analysis Tools

Understand Laws and Regulations

ISO 27001 Annex : 18.2 Information Security Reviews

ISO 27001 Annex : A.18 Compliance

ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity

ISO 27001 Annex : A.17 Information Security Aspects of Business Continuity Management

ISO 27001 Annex : A.16.1.5 Response to Information Security Incidents, A.16.1.6 Learning from Information Security Incidents & A.16.1.7 Collection of Evidence

Course Categories

Quick Menu

Contact us

Recent Posts

Find Us Here