Sunday, March 17, 2019

FDPPI Chennai chapter Launched

FDPPI Chennai Chapter inaugurated on Mar 16 2019 , Saturday at Rain tree Hotels Chennai

The Governing Council -
Mr Naavi (Chairman)
Mr R Sridhar (Maptech)
Ms. Anitha Rajesh (Info Sec Consultant)
Mr. T.K Balaji (VP-IT, M/s Orange Retail Finance)

Sec 65B workshop agenda Mar 16 2019

Sec 65B - CYSI workshop Agenda Mar 16 2019

Section 65B workshop by Cyber Society of india

Sec 65B of  Indian Evidence Act (IEA)

Cyber Society of India (www.cysi.in)

Mar 16 2019, Saturday, Rain Tree Hotels, Chennai

A Unique one day workshop was conducted in Chennai on 16th March 2019 on “Section 65B of Indian Evidence Act” at Rain Tree Hotels, Teynampet, chennai
The Workshop was inaugurated by Honourable Justice Sri M. Jaichandren, in the presence of Honourable Justice, Dr S. Vimala, Senior Advocates, Mr Masilamani and A Thiagarajan. Mr Na Vijayashankar (Naavi) as Founder Chairman of Foundation of Data Protection Professionals in India (FDPPI), and a pioneer in Section 65B, conducted the knowledge session. Mr S.Balu President of Cyber Society of India (CySi) and formerly head of the Cyber Crime division of Chennai organized the event.
The Speakers of the event :



The Print Version of the book with latest updation, titled “Section 65B of Indian Evidence Act Clarified” by Naavi was released during the event.
The workshop was unique because it was completely focussed on Section 65B which has been in operation since 17th October 2000 but whose importance had not been fully realized until the Supreme Court judgement in 2014 in P V Anvar Vs P.K. Basheer, declaring that it is mandatory for admissibility of electronic document as evidence.
Since then the difficulties in understanding the provisions of Section 65B has also come up for discussion in some fora even to suggest that it may need an amendment.
Naavi clarified the doubts regarding the section and also highlighted why Section 65B was a master stroke in ITA 2000.
An illustrative caricature drawn by Mrs Saranya Devi under the guidance of S.Balu which explained the concept and attracted attention during the workshop is reproduced below.

The caricature explains how unlike a human witness who reproduces an evidence from his brain memory is not asked for any certification (other than the deposition itself) while  a CCTV footage when produced as an evidence requires to be certified under Section 65B under the same logic that the “Computer Witness like a human witness needs to depose but can do so only with the assistance of a human who is the Section 65B certifier.”


FDPPI Chennai Chapter - the launch

The Governing Council -
Mr Naavi (Chairman)
Mr R Sridhar (Maptech)
Ms. Anitha Rajesh (Info Sec Consultant)
Mr. T.K Balaji (VP-IT, M/s Orange Retail Finance)

Saturday, January 19, 2019

Windows Active Directory Services using Linux for SME

  • Would you like to have secured network in your office ?
  • Would you like to have storage solution for your network?
  • Are you afraid to invest on Windows Server licenses?
No Worry!

Website Security - Firewall Protection

Cloud based Web Application Security & Firewall: which covers with a 3-tiered approach that includes Protection, Detection, and Incident Response. If any Malware finds in your File-Manager or FTP Account our security service will also clean-up your code and files, it protects In-house Dedicated Server, Cloud Shared/VPS, Amazon, Azure and much more. Please find attached document for more information.

 
Web Application Firewall
Web Application Firewall
The Protection platform is a cloud-based SaaS Website Application Firewall (WAF) and Intrusion Prevention System (IPS) which secures Static, Dynamic, E-commerce, ERP, CRM or any kind of web applications irrespective of their platforms. It functions as a reverse proxy by intercepting and inspecting all incoming Hypertext Transfer Protocol/Secure (HTTP/HTTPS) requests to a website, stripping it of malicious requests at the Cloud network edge before it arrives at your server. The Web Firewall includes both Virtual Patching and Virtual Hardening engines that allow for real-time mitigation of threats with no impact to the website.

The Cloud Firewall is built on a Content Distribution Network (CDN) that provides performance optimization features to a website. The CDN utilizes a proprietary approach to caching dynamic and static content across all nodes in the network to ensure optimal performance around the world.

Web Application Firewall Security Protects from:
·       Mitigation of Distributed Denial of Service (DDoS) Attacks
·       Prevention of Vulnerability Exploit Attempts (i.e., SQLi, XSS, RFI / LFI, etc...) 
     Protection Against the OWASP Top 10 (and more)
·       Access Control Attacks (i.e., Brute Force attempts)
·       Performance Optimization

The Detection platform is a cloud-based Software as a Service (SaaS) Intrusion Detection System (IDS) built on the concept of a Network-Based Integrity Monitoring System (NBIMS). The monitoring platform is a remote and local (server-side) continuous scanning engine, providing near real-time visibility into the security state of a website.

·               Malware Distribution
·               Blacklisting Incidents
·               SEO Spam
·               Phishing Lure Pages
·               Whois Changes
·               DNS Changes
·               SSL Certificates

The platform requires no installation or application changes. All sites are added and configured just an A record pointing to Web Firewall.

Our  Support team is available to respond to all website-related security incidents, including issues identified and those that aren’t. The team is highly trained and capable of mitigating all website infections and malware related issues.

This platform exists because of the complex nature of website security. Intrusions occur for a variety of reasons. Although our various technologies are being employed to assist in the prevention of such compromises, there are things beyond Web Firewall control. Examples include, poor user/password management or creation, poor security configurations, and other similar environmental issues. Because of the expanded attack vector outside of Web Firewall control, the response platform was designed to provide organizations a supplementary team to assist in the identification and eradication of any successful compromises. This would include analysing the cause, assisting in the patching of the issue, and restoring the environment to operational order.

FAQ’s
·         
We already have an SSL for our website or application, how WAF helps?
Ans: In general, SSL only encrypts data being sent from visitor computer to server, which doesn’t verify the transmitted data has any malware content.
We are using AZURE, AWS or similar Hosting service, do we require Web Application Security?
Ans: Normally Hosting companies only give guarantee on Uptime. Customer is responsible for their own files.
Our application is placed in a dedicated server within our office, which has Anti-Virus & Firewall. Do we require Web Application Firewall & Security (WAF)?
Ans: WAF has multi layered security with multiple Firewalls, Anti-Virus and other commercial security products. You can use WAF as second layer of security.
We want to restrict Login pages in our application does WAF helps this?
Ans: WAF has geographical, url, database injections, activity-based blocking, you can protect your application in many ways.