Blog

The Silent Cost of Staying Unmonitored If you ask most CISOs what keeps them awake at night, more than the thought of a firewall misconfiguration or an expired SSL certificate it’s what they don’t see.  Modern attacks are no longer noisy. They’re patient, staged, and often unfold across weeks or months. By the time an […]

CISOs today are no longer just defenders of the network; they are strategic business leaders sitting at the crossroads of innovation, regulation, and risk.  Every new technology, AI, cloud, IoT, 5G, quantum computing promises growth but also multiplies exposure. Boards want agility, regulators want assurance, and customers want trust.  The challenge? Balancing it all.  In […]

Sysmon, short for System Monitor, is a Windows system service and driver provided by Microsoft’s Sysinternals suite. It logs detailed information about system activity to the Windows Event Log, which is far beyond what standard logging offers.   With Sysmon, you can track things like process creation, network connections, file changes, and registry modifications, along with […]

In the world of software development, we often focus on obvious threats like SQL injection or cross-site scripting. However, lurking beneath the surface, a more subtle yet equally dangerous vulnerability exists, known as Integer Overflow. This seemingly innocuous issue can lead to application crashes, unexpected behaviour, and even security breaches if not properly addressed.  The […]

AuthenticOne - A CREST Accredited Company for Penetration Testing  We are proud to announce that we are now a CREST accredited for penetration testing. In addition to individual accreditations/certification like CISSP, CCSP, CRISC, CISA, OSCP, CompTIA Security+, Microsoft Azure Security, AWS Security and many more, CREST accreditation for AuthenticOne as organisation is a milestone that emphasizes […]

SQL Injection is a serious cybersecurity threat that allows attackers to manipulate database queries and gain unauthorized access to sensitive information. By inserting malicious code into input fields, they can steal data, alter records, or even take control of an entire system. This vulnerability often arises from improper handling of user inputs in applications. In […]

LLM Security, AI Security, Large Language Models, LLMs, AI Threats

Artificial Intelligence (AI) has advanced rapidly in recent years, with Large Language Models (LLMs) playing a key role. LLMs are driving groundbreaking advancements in Natural language Processing (NLP), automation, and decision-making. And, businesses are widely using LLMs to enhance efficiency, improve customer interaction, and generate valuable insights.  However, despite their advantages, LLMs also come with […]

As businesses increasingly rely on containerized environments for scalability and efficiency, Docker has become a cornerstone of modern application deployment. However, security challenges persist, demanding a proactive approach to safeguard infrastructure.  In our previous blog, Docker Demystified: Laying the Foundation for a Secure Containerized Future, we covered Docker fundamentals, its architecture, and steps to get […]

One-Time Passwords (OTPs) are widely used as a security measure for authenticating users, offering an additional layer of protection against unauthorized access. However, vulnerabilities like OTP bypass via response manipulation can significantly weaken the effectiveness of this multi-factor authentication method. The response manipulation technique allows attackers to gain unauthorized access by intercepting and altering the […]