whitehatGuru Research Team

Information Security Research & White Papers

  • Securing the ‘ClouD’…

    November 25th, 2010  

    Where and how our data is composed, processed, accessed, stored, backed up and destroyed is, what is sure to become massively overlaid cloud-based services and ‘by whom’ and ‘using whose infrastructure’ solely yields significant concerns related to security, privacy, compliance and survivability.

    This paper will show multiple cascading ‘levels of failure’ associated with relying on cloud based infrastructure including exposing ‘flawed assumptions’ and ‘untested theories’ as it relates to security, privacy and confidentiality in the Cloud with some unique attack vectors.

    This publication will also address varied critical areas of concerns, when securing cloud infrastructure services and managed enterprise applications, thus providing the acumen towards mitigating the risk of being vulnerable against the perpetrating alarming attacks.

    A managed cloud deployment definitely offers the opportunity for the enterprise to build in security from the ground up. In fact, it will be seen in this publication that properly configured and managed, enterprise security in the cloud may be greater than what they could achieve on their own.

    It shouldn’t be believed that security should be a more of a concern in the cloud environment then it is in an in-house environment. It’s really a matter of “have one identified clearly what they are trying to achieve?” and “have they recognized clearly the procedures that are required to protect the environment?”.  Thus, more analyses including these could be critically evaluated through this paper.

  • IPS : ‘B/D’oom Justified

    October 25th, 2010  

    This publication would address challenges with respect to the security devices thus proving the acumen towards best practises in an IPS world, resulting in guarding a firm against these perpetrating alarming attacks. Also the paper would direct, tips and guidelines for deploying these products from internal to border network environment as in a practical scenario, thus having a basic evaluation on how different vendor products behave in certain environments specifying the pros and cons of having these devices positioned around different acquisitioned security devices thus protecting the network infrastructural services of the firm.

    Also, the heart of this publication i.e. ‘Four most fundamental issues affecting IPS’ will lighten one to have the most efficient product out of a normal vendor product, and will review how we are going to resolve those cult of headache’s of an administrator, also would showcase the upcoming scenario in the dark world of IPS, full of intruders and perpetrators with a single ray of hope!

    Also, with future perspective one will get a glimpse of the core requirements for the next generation IPS and will get an insight for making informed decisions in the golden age of intrusions!

  • EDI:Iaas {EDI: Integration as a Service}

    October 25th, 2010  

    Electronic Data Interchange (EDI) enables businesses to exchange electronic documents easily, efficiently and cost effectively. Documents such as invoices and purchase orders are transmitted from one computer to another in a standardized electronic format. EDI enables you to send and receive business documents with minimal chance for errors and omissions, due to the fact there is little or no human interaction. Vital business information is processed instantly without personnel having a key in the data. This alone increase productivity and decreases the chance for errors and delays.

    In this whitepaper we cover up basic requirements for a firm in adopting EDI, with respect to integration of the adopted/deployed technology with one’s internal infrastructure.

    We focus one the following aspects in the present whitepaper.

    [+] Basic Implementation of EDI.
    [+] Custom capabilities for IaaS.
    [+] How integration helps SMB’s save cost.
    [+] EDI Integration Construct – The Pieces Of The Perplexed Maze.
    [+] E-Commerce, EDI and CRM Integration – How It Communicate
    [+] Key factors to ensure EDI integration success
    [+] Challenges Doing EDI Integration