Risky Context (Page 3)

Sign in Subscribe

Who am I...

Who am I...

I am an information security professional. I have some scary certifications that make people think highly of me till i open my mouth. Well…. This personal site / blog is my attempt to write about information security the way I want.

'Lack of CAPTCHA' is not always a valid vulnerability or risk

where-is-the-risk

'Lack of CAPTCHA' is not always a valid vulnerability or risk

CAPTCHA is a valid security control. However, lack of it may not be a valid vulnerability in all cases and 'lack of CAPTCHA' is definitely not a risk. May be part of risk.

Risks of a cybersecurity career

Risks of a cybersecurity career

Cybersecurity is one of buzz-words promising the la-la land these days. Everyone is running towards it. However, it will help if one is aware of the 2 big risks.

A Day in a Pen-tester’s life

A Day in a Pen-tester’s life

My 2 cents on a day in a pentester's life, from the vantage point of someone who does it (sometimes) but observes it (a lot). TLDR - it is not all pentesting!

Do not kill your pentester for little or no value-add

Do not kill your pentester for little or no value-add

How to get more value out of a pentest.

External Network VAPT: tools, information sources

This is a live post; it will undergo changes, which are captured in change log, provided at the end of this post.

How to download Nessus Pro using cURL…

assuming you have a valid account with tenable and have paid for your license.

How should a CISO deal with XSS?

How should a CISO deal with XSS?

I got many comments (thank you, everyone, as I learnt a lot) for my article that I published some time back.

Process Myths, Busted

Process Myths, Busted

This article was published by me on LinkedIn earlier. — — — — — — — — — — — — — — — — — — — — — — — — — - Disclaimer:-

Please don’t kill your CISO if he doesn’t know how a virus works

Please don’t kill your CISO if he doesn’t know how a virus works

Musings on some popular (and wrong) expectations from a CISO, by an aspiring CISO.

My Publications

Here’s a partial list of things that i have published so far (in various magazines).

Interview of Akash Mahajan

My interview obsession started before Ajin Abraham. My first interview was with someone who defied quite a few stereotypes in making his…