Google+
Follow Me
LinkedIn
Facebook
Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying [...]
Archive for the ‘IT Policy’ Category
Penetration Testing
August 28th, 2011 
Abdul Saleem 
Posted in INFRASTRUCTURE, IT Policy, Network, Security 
Tags: attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to tes, identifying possible entry points, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, Penetration testing (also called pen testing) is the practice of testing a computer system, the good guys are attempting to break in, the process includes gathering information about the target before the test (reconnaissance) 
5 Comments »Key to Security
July 10th, 2011 Abdul Saleem There are so many hacks happened in recent days. That to major corporate organisations key databases. During the IDC security road show, Dubai (21-06-2011) one of the presenters was showing a slide with some corporate logo, captioned as it’s not our customer list. It’s giving high alert to business and professionals. How to protect the [...]
Posted in CLOUD, DISASTER, INFRASTRUCTURE, IT Policy, Management, Network, RECOVERY, RISK, Security Tags: Awareness, Citi group, Critical Information, Database, Dubai, how to protect information, Key to Security, Password, Sony, Username, wiki 1 Comment »Identity management and single sign-on (SSO)
February 10th, 2011 Abdul Saleem Identity management has become a very important issue in IT today. As Web applications have grown throughout the years to support many of our business processes, these same applications have expanded the number of users, groups and roles that must be managed. The more systems that are put in, the greater the burden on the [...]
Posted in INFRASTRUCTURE, IT Policy, ITIL, Management, Network, RISK, Security Tags: Identity management, single sign-on (SSO) 2 Comments »GOVERNANCE, RISK, AND COMPLIANCE ON INFORMATION SYSTEMS
September 30th, 2010 Abdul Saleem IT GRC is a focus area of organisations. It’ was not discussed much or not aware. Business started keeping internal GRC professionals and started working to implement a proper GRC. Trained and experienced professionals demand increased in this segment. We can discuss here in brief what the GRC. Governance describes the overall management approach through [...]
Mobile Workers Security
June 22nd, 2010 Abdul Saleem The increasing importance of mobile workers in today’s businesses has been acknowledged. The mobile worker population is split into three main segments, home-based mobile workers, office-based mobile workers and non-office-based mobile workers. Organisations should develop a proactive policy and strategy that embraces new ideas and methods to create a secure mobile workplace. “Secure mobility” is [...]
Posted in DISASTER, FIREWALL, INFRASTRUCTURE, IT Policy, Management, Network, RECOVERY, Security No Comments »
