Priyanka Aash

Critical “SMBleed”, Vulnerability: Why Should You Be Worried?

This blog is contributed by Apoorv Saxena, technical team, FireCompass. At the end of May a researcher by the pseudonym “chompie”  published a tweet that showed a working PoC for CVE-2020-0976(SMBGhost), expecting a similar disclosure from the ZecOps security. As part of Microsoft June 2020 Patch release on June 9, ZecOps Researcher disclosed a new… Read More »Critical “SMBleed”, Vulnerability: Why Should You Be Worried?

Top 3 Risks of an Expanding Attack Surface & Remote Workforce

Due to the global pandemic, organisations have rapidly moved to a rapid digital transformation to enable a remote workforce model and this has naturally led to a multi-fold increase in the IT attack surface of an organisation. Security leaders now need to take into account the additional risks brought onto by the remote workforce and… Read More »Top 3 Risks of an Expanding Attack Surface & Remote Workforce

Most Dangerous Security Gaps That Enterprises Should Avoid (During WFH)

CISO Guide: Most Dangerous Security Gaps That Enterprises Should Avoid During WFH

Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent — attack that which yields maximum result — and that is usually something used by a very very large… Read More »CISO Guide: Most Dangerous Security Gaps That Enterprises Should Avoid During WFH

Learn About Saltstake Vulnerability

SaltStack Advisory (Vulnerability, Impact, Remediation)

This blog was authored by Jitendra Chauhan, Head R&D, FireCompass Salk Stack is  A configuration management system. Salt is capable of maintaining remote nodes in defined states. For example, it can ensure that specific packages are installed and that specific services are running. A distributed remote execution system used to execute commands and query data on… Read More »SaltStack Advisory (Vulnerability, Impact, Remediation)

Top 5 Tools for Digital Attack Surface Enumeration

Top 5 Tools for Digital Attack Surface Enumeration

1> Maltego CE  Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet. You can find more details hereHow It Helps You : Maltego can be used for the information… Read More »Top 5 Tools for Digital Attack Surface Enumeration

(Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

(Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

We were happy to participate in a community round table organized by CISO Platform Key Discussion Points :  What is Shadow IT? What are the types of Shadow IT? Practical demo using open source tools Controls to manage shadow IT risk Reason Of Risk :  No standardization Unknown risks Security breaches Data leaks Types Of… Read More »(Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

(Panel Discussion) Shadow IT: You Cannot Protect What You Can’t See

(Panel Discussion) Shadow IT: You Cannot Protect What You Can’t See

This is a summary of the panel discussion at Security Symposium & Cyber Sentinel Award by Infocon global. The panel discussion was moderated by Jitendra Chauhan (Head of Engineering at FireCompass) along with Balaram (CISO, Manthan), Anath Kumar Ms (Head-IT Assurance & Security, Janalaxmi Financial Services), Sumanth Naropanth and Ramakrishna Roy. Points Covered were: What… Read More »(Panel Discussion) Shadow IT: You Cannot Protect What You Can’t See