Ronak Patel

Types Of Vulnerability Assessment?

What is a vulnerability assessment? A vulnerability assessment is a process of systematically reviewing and identifying potential risks and vulnerabilities in a software or information system. These assessments evaluate whether the system is exposed to threats, assign severity levels to vulnerabilities and even provide solutions for remediation. These assessments include evaluating systems and applications against …

Why should merchants hire a QSA company and what should be the criteria for hiring?

PCI DSS Compliance is a standard that provides a well-curated set of requirements for merchants or service providers. Service providers and merchants are expected to follow these requirements as a part of the compliance process and as a defense against data breach or theft. With stringent norms and enforcement of standards, the assessment of merchants and service providers for …

PDPA Compliance

Many International Regulatory Bodies are today focusing on the protection of Personal Data. Significant efforts by the governing bodies have led to the establishment of various Data Protection Laws. In response to the increasing concern over unsolicited marketing communications, the Singapore Government introduced the Personal Data Protection Act. The primary purpose of the PDPA Compliance …

How Blockchain Technology Reduce Cost And Risk Pertaining to PCI Compliance?

As cybersecurity continues to be a growing concern for most businesses online, it calls for an efficient and risk-free means of payment transactions across platforms. While Regulatory Bodies are doing their bit by establishing frameworks for secure online transactions, adopting effective technologies to tackle the issues of cybersecurity is equally essential. Having said that, today’s …

Infovore CTF

We start with another boot2root machine from Vulnhub. This machine is called Infovore and is misconfigured by the administrators with a very well-known vulnerability that appears in the OWASP Top 10. As per the description of the machine, it is supposedly configured by lazy administrators and our job is to exploit innocent-looking PHP functions while capturing all …

Consequences & Risk Exposure for Non-Compliance with PCI DSS for the Banking Sector

Every day millions of people around the globe fall prey to cybercrimes. What makes it alarming is that the majority of data breaches and thefts are related to debit and credit cards. For these reasons, the PCI DSS standards were set in 2006 to strengthen information security and secure cardholder data. PCI DSS is a compliance requirement …

InfoSec Prep: OSCP

This virtual machine I found on Vulnhub – InfoSec Prep: OSCP is an OSCP type virtual machine. It is a boot2root machine that also finds all the flags as well. The machine was originally designed in partnership with Offensive Security. Anyone who could achieve root on the VM would have a 30-day voucher to the …
