Common Mistakes And Lessons Learned In Securing Cloud Based Applications

by Jaykishan Nirmal, Practice Head, CISSP, CSSLP, CISA


Cloud-based applications are designed to be distributed and scalable, benefiting from elastic infrastructure (processing, memory and storage). Applications built for the cloud are increasingly architected based on the principle that hardware failure may happen. Cloud based application security remains a top concern for various organizations, as security threats to these applications can cause financial / data loss, downtime or reputation damage.

If your enterprise is using cloud application already or on its journey of cloud adoption, this session will help you to understand how you can secure your application and data outside of your firewall.

A Closer Look At Aadhaar Enabled Payments Systems: Know The Unknowns

by Suhas Desai, Practice Lead – Mobile Security Services at Aujas and Sasi Kumar, Head SDL, Aujas


With the emergence of biometric authentication platforms like AEPS (Aaadhaar Enabled Payment Systems) the payment industry would start aggressive with the financial inclusion. These biometric transactions are very unique and help identify an individual with IRIS and Fingerprint which would minimize frauds compared to reproducible magnetic tapes. With all of the advantages of a biometric system the challenges of implementing and operating are unique too.

Web Session Management In Real World, What Vulnerabilities Lie Ahead

by Rishi Narang, Senior Consultant with Vulnerability Management Practice


Web Session Management has long been a key component of any organization’s web infrastructure and user interaction. The key fundamentals of session management are improved security, reduced latency and better reliability.
In the real world, organizations have been lenient on the ‘security’ of such session management practices. They are working on the compensatory controls, but fail to address the actual vulnerability.

Vulnerability Management: Taking It To The NEXT Level

by Jaykishan Nirmal, Practice Lead VMS at Aujas Pvt. Ltd.
by Yogesh Bhatia, Practice Lead SDL at Aujas Pvt. Ltd.

  • Why it’s important to have vulnerability management program
  • How to create vulnerability management program
  • What are the key parameters to consider while choosing tools and technologies to manage risk
  • How to utilize people, process and technology to better and effectively manage vulnerability risk

Securing Information On Mobile Devices

by Jayesh Kamat, Practice Head, Information Risk Advisory Services at Aujas Pvt. Ltd.
by Maheswaran S, Manager of Engineering Sales at Websense


How does the mobile threat landscape look like
Solution to address threats
How to build a mobile security strategy

Are Your Employees Falling Into The Phishing Trap_ Learn How To Mitigate Risk Of Spear Phishing

by Andres Tabares, Lead Consultant at Phishnix
by Peter J. Agnoletto, Senior Director at Par Pharmaceutical Companies, Inc.


Learn how Par Pharmaceutical was able to assess the risk of spear phishing and take steps for mitigation.

Traditional methods of educating and training users about phishing risk do not work. This webinar will introduce a different approach to educating your users and mitigate the risk of phishing.

Data Protection: Working With DLP And ERM

by Chandra Prakash, Practice Head – Information Risk Advisory Services, Aujas


How to make DLP and ERM technology work together along with governance and processes to create a solution that aids in compliance, data protection risk management and reporting.

Organizations are under pressure to maintain business agility while protecting business critical data as they juggle with changing technology. Coupled with that is the increasing regulatory pressure and customer expectation to maintain control over and manage data. In an effort to address the data protection problem, organizations look to technologies like encryption, rights management and data leakage prevention for help. But technology by itself cannot solve the business problem of data protection. Though technology can add tremendous value, without an appropriate strategy and execution in place, technology cannot be fully effective.

Mobile App Development: Differences From Traditional Approach

by Suhas Desai, Senior Consultant at Aujas

  • Show the extent of threats posed by hackers that stem from mobile application vulnerabilities
  • How to prepare the first line of defense–by training developers to identify and have a plan to deal with potential vulnerabilities
  • Major challenges and business risks involved in mobile apps development
  • Focus on the dos and don´ts associated with the secure design and development of mobile apps
  • Reactive and proactive ways of handling mobile applications development, the importance of following a well defined secure development lifecycle approach for mobile devices
  • Ideas on how to mitigate significant threats like insecure data storage on mobile devices and mobile application servers, mobile device operating systems and platform issues, communications channels issues– SMS, IP connections, USSD channels and device lost/theft case scenarios

Privileged Access And Activity Management: Challenges And Solutions

by Ankush Kapoor, Practice Head -Identity and Access, Aujas

  • The concept of privileged access – the risks associated with this access and activity
  • Why this is important for all enterprises (especially telecom companies)?
  • What kind of controls are needed?
  • What kind of solutions are available?
  • How to plan for a solution?

“Secure By Design” Model For Software Security

by Sasi Kumar G, Practice Head – Secure Development Lifecycle, Aujas

  • Proactive software security by design
  • How to design secure software?
  • How to implement Secure SDLC?
  • Increase in ROI by secure development
  • Balance performance, security and usability of system

Data Loss Prevention – From Strategy To Execution – Clearing The Confusion

by Chandra Prakash, Practice Head – Information Risk Advisory Services, Aujas

  • What drives Data Protection?
  • What technology can and cannot do?
  • Protecting what matters the most?
  • Setting the Management Expectation- From Strategy to Execution
  • Clearing the confusion- Approach to holistically address the data protection “big problem”