Shadow IT

Top 6 Subdomain Takeover attacks on Uber, Lamborghini, USA.gov

One of the major pain point for large enterprises is not knowing their digital infrastructure completely. Hackers are constantly looking for these soft targets. Subdomain Takeover is a type of vulnerability which occurs when a DNS entry (subdomain) of an organization points to an External Service (ex. Heroku, Github, Amazon, Bitbucket, Desk, Squarespace, Shopify, etc) but the… Read More »Top 6 Subdomain Takeover attacks on Uber, Lamborghini, USA.gov

Shadow IT Risks – 4 Ways To Reduce Them

Shadow IT refers to IT applications and infrastructure that are managed and utilized without the knowledge of the enterprise’s IT department. Shadow IT risks exists in most organizations but most IT leaders and CISOs underestimate about its reach. Problems: Shadow IT will open up to many security risks of business such as enterprise security risks, data privacy… Read More »Shadow IT Risks – 4 Ways To Reduce Them

Shadow IT Threats – How To Turn Them Into Opportunity?

Shadow IT  threats involves pushing back on any initiatives that try to bypass IT and fighting the line of business managers for ownership of these projects. Shadow IT opportunity involves transforming shadow IT into official line-of-business shortcuts and becoming the corporate champion of innovative initiatives. Below are a few ways one could looks at Shadow IT as an… Read More »Shadow IT Threats – How To Turn Them Into Opportunity?

Understanding Key Attack Surface Dimensions

We will discuss a few key areas in the vast attack surface today. With increasing technology advancement and its intervention into the enterprise world makes the scope of cyber defense enormously large. It reminds me of depth-first and breadth-first search algorithms to cover scopes in varied situations. The security landscape is so widely expanding, the change… Read More »Understanding Key Attack Surface Dimensions