Content Management, Drupal

Why Choose Drupal Over Other CMSs?

Why Drupal? A primary question that comes to our mind before stepping ahead for development is how to choose the best suited CMS for the website from a variety of available CMS? Now, it depends on the requirements, if the website is a blog related website, you will definitely think of WordPress and if the website is E-commerce...

by Harsh Behl
Tag: Grails Security
18-Aug-2017

Application Security, Technology

What Lies Ahead of Web Attacks in 2017?

Being in the middle of the second quarter of 2017, we can already find a number of reports regarding web attacks, also known as cyber-attacks or cyber threats. Due to a constant rate of increase of reports regarding web attacks, it is essential for people all over the world to be aware of the imminent attacks or threats. From the loss of...

by Naman Goel
Tag: Grails Security
10-May-2017

Application Security, Product Engineering

XSS (Cross Site Scripting) Blog Series I Blog 1: Overview, Vulnerabilities and Types of Attacks

Have you witnessed a scenario where a trusted site gets injected with a malicious script attack? Well, commonly people refer this as a "'Cross Site Scripting' attack. The XSS scripts injected into a site can leak out sensitive data and information including cookies, session tokens, and auth tokens. The vulnerability of the XSS attack is...

by Arushi Shukla
Tag: Grails Security
22-Mar-2017

AWS, DevOps

Jenkins Google Authentication

In Jenkins by default user authentication is not enabled but we can establish the user authentication from the Global Security section. We have to create users for team members and it maintains all user in its own database. But we can also configure Jenkins with Google oAuth. So, if you are leveraging Google services and already have...

by Rajdeep Singh
Tag: Grails Security
26-Aug-2016

Application Security, AWS

The A to Z of Public Cloud Security Tools

You may wonder why an arrangement of servers, constructed of hard metal, which tend to run hot and weigh thousands of pounds, be called a “cloud”? This can be propped up only by an engineering diagram, in which data travels by an undefined pathway from beginning to end. So, the cloud refers to the randomized packet transfer protocol...

by Ranvijay Jamwal
Tag: Grails Security
10-Jun-2016

Application Security, Technology

Android 6.0(Marshmallow) : What’s new in Security

Android has been the most used mobile operating system till date. With the huge base of end-users, Android has been guilty of hosting numerous security related bugs in the past. With the latest version of Android 6.0 namely Marshmallow being released, I expected to see a few changes in the security model. Change in the permissions...

by Ankit Giri
Tag: Grails Security
26-Nov-2015

Application Security

Experience at X0RC0NF, 2015 – A security conference

Being a technology focused company, TO THE NEW has always made its presence felt in major conferences around the world. This time, it was X0RC0NF in Cochin, India. I was invited to present my talk there and attend the conference as a speaker. The topic of my talk was "Anatomizing online payment systems: hack to shop", majorly focusing on...

by Abhinav Mishra
Tag: Grails Security
19-Oct-2015

AWS, DevOps

Unifying control of multiple AWS accounts by using AWS STS

Recently, we came across a scenario where we need to create AMIs of multiple production servers running in four different AWS accounts. One solution was to create an automation script to be run on an AWS EC2 instance running in each aws account which would create AMI of all production servers running in each account. This would have...

by Navjot Singh
Tag: Grails Security
09-Oct-2015

Application Security

An essence of Application Security in Healthcare Sector

Hackers and cyber criminals identify healthcare organizations as a source of assets, similar in a way that a bank has monetary assets. In case you have any doubt about the previous statement, I would like to reassure you that healthcare information has a monetary value and worth. And yes, it is at risk. What is wrong with the Healthcare...

by Ankit Giri
Tag: Grails Security
06-Oct-2015

Application Security

Abusing Password reset functionality to steal user data (Part–2)

In continuation to my last blog about possible attacks on a password reset functionality, this part of the same series will look into below two implementations: • Email sent with a temporary password or current password • Secret questions asked and then given the option to reset the password I will mention possible issues which...

by Abhinav Mishra
Tag: Grails Security
29-Sep-2015

Application Security, Technology

OpenSSL Vulnerability (CVE-2015-1793) and Remediation

A high-severity vulnerability was announced by OpenSSL. This vulnerability is marked as CVE-2015-1793. Common Vulnerabilities and Exposures is a system that provides a reference-method for publicly known security vulnerabilities and exposures. This blog explains OpenSSL Vulnerability (CVE-2015-1793) and Remediation. OpenSSL Team released...

by Ankit Giri
Tag: Grails Security
27-Jul-2015

AWS, DevOps

Jenkins – Implementing Project-based Matrix Authorization Strategy

In one of my recent projects, while working on Jenkins, I was required to create and implement a Project-based Matrix Authorization Strategy. Installation of Jenkins is a simple task, but it took me a while to implement this strategy and later I found it quite easy enough and thought of writing a blog. Project-based Matrix...

by Navjot Singh
Tag: Grails Security
09-Jun-2015