• Good bye Debian 9, welcome 11

    Around 15 years back when we decided to start a server administration division, we were wondering which Linux based OS to use.  We finally decided on Debian after evaluating many different Linux distributions. Some advantages of Debian – Debian is free and open source software and will always be 100% free. – Debian is stable […]

  • SaaS misconfiguration a major finding

    The “2022 SaaS Security Survey Report” is out and the key findings are around SaaS (Software as a Service) misconfiguration, which is leading to security incidents. The causes for these are multiple including, lack of visibility, too many departments with access, lower investment in security tools and staff. Of those who took part in the […]

  • Biggest DDoS attack to hit a Crypto Platform

    Cloudflare has said that they received one of the DDoS attacks with 15.3 million requests.DDoS Attack means “Distributed Denial-of-Service (DDoS) Attack” and it is a cybercrime in which the attacker floods a server with internet traffic to prevent users from accessing connected online services and sites. Key points to note. The attack lasted just 15 […]

  • Staff security training for a company

    Recently we got a request from a company. After a minor potential security incident, they required their staff to undergo security training with the aspect of business they were in. This works in 2 ways, first of course it helps that their staff are reiterated about the security policies, the lapse that happened, and common […]

  • Log4Shell critical vulnerability

    On Friday 10th December, Apache announced a critical vulnerability within the LOG4J logging library for Java, called Log4Shell or LogJam. At 10/10 severity, this is comfortably one of the most serious IT vulnerabilities to have been discovered in recent memory, as Log4J is often installed on both Linux and Windows systems either directly, or often […]

  • Lessons learnt from Facebook outage

    – Some thoughts from our CTO Anurag Jain Be it business or personal, social platforms are integral part of our lives. When the outage first started, my first reaction was to restart the app a few times, restart my router, and even check with few friends and colleague. After a bit of panic on how […]

  • Web application stress test

    We are excited about our new stress test service, which has shown promising findings for different clients, applications and architectures. Which one applies to you? Not sure if your application/system can handle a specific number of users? Want a clear comparison between one architecture or another Find bottlenecks in the system but need to simulate […]

  • 5 common mistakes when building a website/web-application wrt security.

    These are the 5 common mistakes we often come across. This should not be seen as a comprehensive list. Not performing authorization. Authentication confirms that you say who you are. Authorization checks if you have access to a specific asset. Examples of this are hidden links which are shown only to one type of user […]

  • Security audit for statistical insights company

    Recently we had an opportunity to conduct a security audit of a company that is involved in providing statistical insights to a wide number of clients. Unlike a penetration test this is a non intrusive approach to audit their processes instead of an application. It requires understanding of the processes, how the company works, how […]