Mobile Phishing

Sohail Najar

No other technology has impacted us like the mobile phone. The fastest growing manmade phenomenon ever, it grew from zero to 7.7 billion in three decades. Today there are more mobile phones than humans and they are growing almost five times faster than the rate at which the population of the worls is growing.

Download Now


SS7 Attacks…Technical Guide

by Jitesh Jain, Senior Consultant, Aujas

SS7 is a sophisticated and powerful form of Common Channel Signaling (CCS). The use of ‘out-of-band signaling procedures’ in SS7 offers significant benefits over traditional signaling methodologies. At the same time, SS7 has many inherent security flaws that can be misused for fraudulent purposes. SS7 technology is vulnerable to denial of service attacks; and the resources needed to mount such an attack are considerably low in it. The technical guide looks at SS7 network security and presents a review of the security problems.

Download Now


Privileged IM for Data Centers

by the Aujas Team

Aujas takes a step by step approach to design, select, deploy and manage the strong authentication solution in an IT company’s Data Centre. During the entire cycle the objective remains to provide quick and incremental return while causing minimum impact on the existing processes.

Download Now


Undocumented Open Source Leaves a Gap…

by the Aujas Team

Increasing security of application is critical and an entire new category of tools and service providers has emerged to assist software development organizations to reduce vulnerabilities in their software. Nevertheless, use of open source components as part of the development process must be considered appropriately. On an average, applications include at least 50% open source software and third-party components for obvious reasons. This increase in open source usage presents a security challenge to organizations industry-wide. This whitepaper helps understand how incorporating undocumented open source codes can leave a security gap in application software; and helps make the right decision for your organization.

Download Now


Securing Telecom with Enterprise Single Sign-on

BY SACHIN KALE - CONSULTANT IN THE IDENTITY AND ACCESS MANAGEMENT PRACTICE, AUJAS

Security threats are increasing everyday and organizations are facing challenges in accessing and monitoring important data. Organizations are seeking Identity and Access Management Solution which will provide them with strong user authentication with secure access to sensitive information. Enterprise Single Sign-on (ESSO) enables automatic logins and centralized monitoring of access to end-devices with strong user and host-base authentication. With no change to existing workflow of organization, ESSO combines with strong authentication, audit services and integration with user provisioning system.

Download Now


Controlling Info Leakage with IRM

BY MAYANK VAISH - CONSULTANT IN THE IDENTITY AND ACCESS MANAGEMENT PRACTICE, AUJAS

Collaboration is here to stay, be it amongst employees, partners, vendors or customers. What was also thought to be “here to stay” was the nightmare and fear of ex-employees, vendors and partners misusing documents that have been shared with them in good faith. Enter Information Rights Management (IRM). It promises to solve problems in this space, but is this the silver bullet? This whitepaper gives you an overview of what to expect from existing IRM technology, and more importantly, leaves you with key questions to dwell upon to decide whether IRM solutions fit your business.

Download Now


Strong Authentication for BPO Data Centers

by the Aujas Team

Hosting business-critical information, the data centre of a modern BPO is typically managed by a dedicated team of administrators working round-the-clock.The IT infra typically comprises network elements, applications, and servers running diverse operating systems.

Download Now


Mitigating security risks in USSD-based mobile payment applications

by Suhas Desai - Senior Consultant, Aujas

With the increasing use of mobile devices, the popularity of online payment and financial services will continue to rise. Mobile payment applications use various communications channels which are not secure, including sms, USSD and IP-based communications. As usage of these communications channels by payment applications increases, security flaws are becoming prime concerns for service providers. In this white paper, Aujas’ approach to mitigate these identified mobile application threats has been discussed in detail.

Download Now


Converged Identity and Access Management

by Mayank Vaish - Consultant – Identity and Access Management, Aujas

The need for converged access control is indicated by the grave dangers of insider threats, in which the disgruntled employees or ex-employees, gain access to computer systems or networks of the enterprise. This can cause critical system disruptions, loss of information of customers and partners, loss of confidential intellectual property, brute-force attacks, fraud, reputational risk, etc and is among the reasons why secure access management should be a concern for enterprises worldwide.

Download Now


Making Data Protection More Effective- A Step beyond technology implementation

by Jayesh Kamat - Practice Head and Chandra Prakash Suryawanshi - Co-Practice Head, Information Risk Advisory Service, Aujas

A robust DLP implementation goes beyond tools and technologies and looks at bridging the business-IT gap. An organization wide data protection/governance strategy should be developed and awareness amongst users is needed for an effective DLP program. This whitepaper discusses about the need for a holistic approach towards protecting that goes beyond the tool and addresses data at its source, the business.

Download Now


Merger and Acquisition Information Risk Management Towards Best Practices

by Nitin Kumar, CEO - Americas and Europe, Aujas

Gaining competitive advantage through a merger or acquisition means that a company acquires the information assets of the target entity. How both acquirer’s and target’s information assets are integrated and shielded from various types of risk during the M&A can play a role in the success or failure of the new entity. This paper discusses the challenges of managing information risk for several types of M&As and introduces a framework that can be used to address those challenges. The paper also offers a checklist of best information risk management practices for an M&A.

Download Now


What has changed in OWASP

by Jaykishan Nirmal, Lead Consultant - SDL practice, Aujas networks

It is almost 8 years now, since OWASP has become the de-facto standard for developers, architects and designers to develop secure applications. Security Professionals use OWASP testing guide as a bible to ensure a comprehensive assessment. OWASP released the Top Ten on April 19th 2010 and this document will highlight some of the key changes derived from the 22 pages of OWASP TOP Ten 2010 release document.

Download Now


A Practical Approach to Security Code Review

by Jaykishan Nirmal, Security Consultant, Aujas Networks

Software security is increasingly becoming the focus of the industry. Research sources suggest that 75% of new hack attempts are targeted at Software Security and 90% of the vulnerabilities are in software. Recently conducted survey states that more than 75% of bank websites had at least one design flaw. This white paper discusses some of the crucial problems faced during security code review. It illustrates some methods to find vulnerabilities in the code base and trace it back to design problems. It also emphasizes the root cause fixes as a part of mitigation actions to solve application security problems.

Download Now


IT Risk Management As the Economy Revives

by Sameer Shelke, Co-founder, Chief Operating Officer & Chief Technology Officer, Aujas Networks

  • Multiple Regulations-Need to comply with multiple laws and regulations such as PCI-DSS, HIPPA, GLBA, Privacy act etc
  • Data Protection-Software applications are protection layer for intellectual property and customer/partner/employee private information so a security breach will result in loss of goodwill, trust & reputation in the market
  • Software Defects-95% of the vulnerabilities are in software which directly impacts the quality and usability of the software
  • Cost Reduction-Cost of incorporating security late in the software is around 10-100 times higher
  • Software Attacks-About 75% of the attacks occur at the application level as it’s the path of least resistance for financial gain

Download Now


Emerging Disciplines of Security software and Application Security

by Sameer Shelke, Co-founder, Chief Operating Officer & Chief Technology Officer, Aujas Networks

  • Network Security
  • Infrastructure Security
  • Policy & Compliance
  • Application is a “black box”
  • Application Functionality
  • Application Performance
  • Release timelines
  • Bug fixes

Download Now


Protecting from Distributed Denial of Service

by Madhankumar V, Practice Head – IT GRC, Aujas and Bhavuk Arora, Consultant – Vulnerability Management, Aujas Networks

In the ever expanding networks of today, Denial of Service is a growing form of attack. This white paper looks at the anatomy of a DDoS and explains the best practices for safeguarding your network against the same.

Download Now