USA
India
APAC
Middle East
Global
Facebook
Linkedin 
X
Youtube
Pages
- A Launching The Most Anticipated Cybersecurity Report Of The Year
- a mxdr
- About Sisa
- Become Partner
- BH – Home
- Blogs
- Careers
- Corporate Social Responsibility
- Cyber Resilience
- Cybersecurity Compliance Services
- Data Protection
- Enquiry
- Enquiry – Thank you
- Enquiry – Thank you – 23rd September
- Executive Briefing: Digital Threat Report 2024 for the BFSI Sector
- Expert Corner – A Comprehensive Guide to Log4j Vulnerability & Combat Techniques
- Home
- IN – Home
- login
- Login
- Management Team
- My Account
- Network PT
- Newly Launched: SISA’s Knowledge Lounge
- News Room
- Privacy Policy
- ProACT MXDR Integration and SOP’s
- ProACT MXDR Integration and SOP’s 2
- ProACT MXDR TCO & Savings Calculator
- Register
- Resources
- Rest Password
- Security Testing
- SG – Home
- SISA Assistant 3.0
- SISA Institute
- Sisa News
- Sitemap
- Terms of Use
- Thank You
- Thank You – Brochure
- Thank You – Case Study
- Thank You – InfoSec Report
- Thank You – Security Advisory
- Thank You – Webinar Q&A
- Thank You – White Paper
- Training
- Certified Professionals
- Forensic Briefing Session
- Get Certified
- Advisory Groups
- Application
- Certification Policies
- Appeal Policy
- Certification Policy & Candidate Handbook
- Complaint Policy
- CPE Policy
- Declaration of Impartiality
- Eligibility Policy
- Exam Development Policy
- Exam Extension Policy
- Exam Feedback and Challenge Policy
- Exam Retake Policy
- Logo usage guidelines
- Privacy & Information Release Policy
- Recertification Policy
- Special Accommodation Policy
- Suspension, Withdrawal & Recertification Policy
- Violation of Ethics Policy
- Certification Support
- Certifications
- Thank You
- Payment Data Security Programs
- Security Incident Detection and Response Programs
- SISA Digital Badges
- SISA Institute – Workshop Calendar
- Training and Certification Store
- US – Home
Infosec Reports
Posts by category
- Category: Blogs
- Data Security Workshops: 5 Most Important Topics to Master in 2025
- The Agentic AI Revolution in SOC: Promise, Peril, and the Path Forward
- What Is IoT Attack Simulation? And Why Does It Matter In 2025
- What Is PCI Penetration Testing? Do You Need It for Your Organization?
- What Is Data Discovery & Classification?
- PCI DSS Compliance Levels: Everything You Need to Know
- Threat Detection Solution (TDS) Explained [2025]
- What Is Cyber Attack? 5 Steps To Be Prepared
- SAMA Compliance: Saudi Arabia’s Central Bank is Pioneering Cybersecurity in Financial Institutions.
- AI Chatbots in Indian Banking: Balancing Innovation with Privacy in a Post-DPDPA
- VAPT in 2025: Beyond the Basics
- AI Security Workshop to Become a Certified Professional in 2025
- Sensitive Data Discovery in 2025: Why Smart Is the New Secure
- How to Become PCI Certified? Its Importance & Implications in India 2025
- Security Protocols Organizations Need To Follow In 2025
- What is Incident Handling? Definition, Steps & Importance
- UIDAI Aadhaar Audit: Checklist & Security Compliance
- Consent and Control: How DPDP Redefines User Trust in Digital Payments
- PCI Training Focus Areas To Be Aware Of In 2025
- Ransomware Prevention: What Is It & Why Is It Important For You?
- What Is PCI PIN Compliance And Its 6 Requirements [2025]
- Practical Tools and Services to Make Your Organization Quantum-Safe
- Key Steps to Prepare for Quantum Security: A Strategic Approach to Transition
- The Urgency of Quantum Security: Understanding the Threats and Why Action is Needed Now
- Personally Identifiable Information (PII) Data Examples: Everything To Know
- 10 Cybersecurity Best Practices in the Age of AI (2025)
- What Is The Role Of An Incident Management Team In An Organization?
- Purpose Of PCI DSS Audit And Do You Need One For Your Organization?
- Enter the Matrix: Staying Secure with Full-Scale Cyberattack Simulations
- Navigating the DPDP Act: A Deep Look at Data Minimization in Digital Payments
- What is PCI Awareness Training? And Different Programs to Explore in 2025
- Threat Detection Solution: Do You Need It for Your Organization?
- The Future of AI: Cybersecurity Implications & Best Practices
- Incident Response Plan: What is it & Why is it important?
- A Complete Guide To System Audit Report (SAR) In India
- What is Risk Assessment? Why Is It Important In 2025
- The Top 5 Data Discovery Tools For Businesses In 2025
- What is AI in Cybersecurity? And Why Does It Matter Now?
- Top Leading Cybersecurity Courses in India for 2025
- Ransomware Simulation: What It Is and Why Your Business Needs It
- Navigating PCI DSS 4.0 Compliance Before the 2025 Deadline. Why Training is Key
- PCI DSS Compliance Levels Explained: What You Need to Know to Secure Your Business
- PII Data Discovery Tools: Everything You Need To Know About It
- 5 Prominent Data Discovery Tool Features You Should Know About
- Threat Detection Solutions in 2025 You Need to Know
- What is Cybersecurity Compliance? Why Is It Important?
- Navigating the Ethical AI Landscape: The Role of ISO 42001 in Shaping Responsible AI Practices
- What is Continuous Automated Red Teaming (CART) and Why is It Important?
- What Is Threat Detection & Response (TDR)?
- What is PCI DSS Audit? And What Are It’s 10 Requirements
- Top 5 AI Risks Facing Organizations and How SISA Can Mitigate Them
- Navigating Agentic AI: The Imperative of LLM Scanning, Red Teaming, and Risk Assessment
- Privacy Through Security: Why Data Privacy Needs Robust Security
- Global Privacy Laws – Different Paths, Same Purpose
- Malaysia’s Cybersecurity Priorities and SISA’s Role as a NACSA-Licensed Partner (Cyber Security Act 2025 (Act 854)).
- Data Privacy Day (DPD)
- Data Privacy Day (DPD) and It’s Importance
- What Is PCI DSS Tokenization & It’s Guidelines Explained
- 3 Most Effective PCI Training Methodologies in 2025
- EU AI Act Ushers in New Era of AI Literacy Requirements
- Cybersecurity In 2025: Everything You Need To Know
- Incident Response Tools: How To Choose The Right One?
- 5 Cybersecurity Frameworks to Reduce Cyber Risks in 2025
- What Is Ransomware Protection Service? Best Practices Explained
- What Is PCI Awareness Training? Why Is It Important?
- What is ISO 27001? Information Security Management Standard
- How much does PCI DSS Certification Cost In India?
- Everything You Need to Know About PCI PIN Certification
- What Is Personally Identifiable Information (PII Data Classification)?
- HITRUST Certification: The Comprehensive Approach to Unified Security and Compliance
- What is PCI Certification & Compliance? Why Is It Important
- Managed Threat Detection and Response Solution Explained
- 5 Best Practices Of MDR (Managed Detection & Response)
- Navigating SEBI’s CSCRF: A Focus on SOC Compliance
- PCI Training for Employees & Working Professionals: Why Does It Matter?
- Decoding RBI’s Latest KYC Amendments: Implications for Financial Institutions
- HITRUST: A Comprehensive Framework for Managing Risk
- What is Continuous Penetration Testing? And Why Is It Important?
- The Invisible Accomplice: How AI Is Fueling a New Wave of Cyberattacks
- SOC Audit: A Comprehensive Guide to Safeguarding Your Business
- SISA ProACT MXDR: Tackling Critical Challenges in the Payments Industry
- What is Privacy & Data Protection: Definition, Importance & Comparison
- What is 3D Secure Protection? Definition, Importance & Types
- 8 Key Benefits Of MDR Solution You Should Know About In 2025
- What is Network Vulnerability Assessment & How Does It Work?
- Top 10 Cybersecurity Certification Courses For Professionals In 2025
- Navigating SEBI’s New Cyber Resilience Guidelines: How SISA Can Empower Your Cybersecurity Strategy
- Forensic Readiness: A Crucial Element of Cybersecurity
- What is Data Discovery? Steps, Strategy & Best Practices Explained
- What is Cyber Risk Score? How does it help an organization?
- What is Compliance Risk? Definition, Importance, & Types
- PCI DSS 4.0 Checklist: 12 most important requirements explained
- How can an MXDR solution change the security posture of your organization?
- How Phishing Simulation Works & What Are Its Benefits?
- 10 Benefits of MXDR Solution
- 10 Data Protection Techniques To Follow In 2025
- Top 3 Cybersecurity Courses You Can Enroll In 2025
- 5 Steps to Follow to Become PCI DSS Certified in 2025
- Top 10 Cybersecurity Tools You Should Be Aware of in 2025
- EDR vs MDR vs XDR: Understanding Key Differences & Choosing the Best in 2025
- What is Cybersecurity? Definition, Types & Best Practices in 2025
- How to Pick the Best PCI DSS Training & Certification Program in India
- MXDR Strategy In 2025: How to navigate it the right way?
- PCI DSS Compliance Cost In 2025 – Everything you need to know
- Red Team Exercise: Why Your Organization Needs One and How to Get Started
- How to Prepare for India’s Digital Personal Data Protection Act 2023
- What is Penetration Testing? A Complete Guide
- What is DPDPA? Why is it important in 2025?
- MDR vs. MXDR: How Do They Differ? Which One is More Suitable for Your Organization?
- What is HITRUST Certification? Importance, Assessments, and Benefits Explained
- What is Vulnerability Assessment? Why Is It Important in 2025?
- Exploiting IDOR in an Encrypted Mobile API with Frida
- Top 5 Cybersecurity Certifications You Need to Succeed in 2025
- How Does an MXDR Solution Work? 10 Essential Factors to Consider
- What is Managed Extended Detection & Response (MXDR)?
- What is Data Protection? Expert Insights on Its Critical Role and Best Practices
- What is a Security Operations Center (SOC)?
- What is PCI DSS Compliance? Definition, Importance & Requirements
- PCI DSS Awareness Training: Why Organizations Need It In 2025?
- What is Risk Assessment? Misconceptions, Challenges & Opportunities
- The Critical Role of Accredited Certification in Payment Security
- What is Red Team Exercise: Definition, Process, and Benefits
- Data Security vs Data Privacy vs Data Protection: Understanding the Key Differences
- What is Cyber Threat Hunting? 10 Steps to Proactively Manage Cyber Threats
- The Role of Data Classification Tools in Data Security
- What is PCI DSS Compliance? A Comprehensive Guide for the Payments Industry
- Bridging the Cybersecurity Skill Gap in the Payments Industry
- 10 Reasons Why Penetration Testing is Critical for Your Organization’s Security
- 10 Functions of a Data Classification Tool in Cybersecurity with Examples
- 7 Ways Payment Security Training Empowers Businesses for Success
- The top 6 IoT security risks every business must know
- What is Dark Web Monitoring and why should businesses care about it
- What is Incident Response: Definition, Process, and Importance
- 5 Must-Have Features in Your Next MDR Solution
- 10 Essential Steps for Ensuring Compliance with India’s DPDP Act 2023
- Evolution of Data Governance in Southeast Asia: Trends, Regulations, and Best Practices
- SEC’s New Cybersecurity Rules: What Investors and Companies Need to Know
- Navigating the Transition to PCI DSS 4.0: Timelines, Goals, and Best Practices
- Qatar’s leap in data security: Decoding the National Data Classification Policy
- Decoding the top 5 cybersecurity risks of generative AI
- The six phases of threat intelligence lifecycle
- A New Age of Privacy: Understanding India’s Digital Personal Data Protection Bill 2023
- Penetration Testing vs. Red Teaming Exercise: Understanding the Key Differences
- What is the critical zero-day vulnerability in Citrix ADC and Gateway and how to mitigate it
- Guarding the IoT Frontier: Exploring IoT Security Testing for Robust Defenses
- What Is Sensitive Data? Types, Risks, and Protection Measures
- Evaluating the benefits of MDR service vs In-house SOC
- An introduction to SBOM: Role and importance in software security
- Continuous Pentesting vs. Traditional Pentesting: A Comparative Analysis
- 4 types of cyber threat hunting tools
- 7 Key steps to build an effective Data Classification framework
- 3-Step Guide on Cyber Threat Hunting using Machine Learning Algorithms
- Tokenization Made Simple: Leveraging PCI DSS 4.0 Training for Effective Implementation
- The changing role of Initial Access Brokers (IABs) in Ransomware-as-a-Service
- Best practices for implementing MFA to combat Brute-forcing attacks
- The OWASP IoT top 10 vulnerabilities and how to mitigate them
- The importance of 3D Secure for payments data security
- A guide to Data Classification types and levels
- Data Discovery: Secure Your Data and Your Business
- 5 reasons your business needs MDR solution for proactive cybersecurity and compliance
- Incident Response Plan: A Guide to Cybersecurity
- How can an enterprise meet data privacy needs with automated data discovery and classification
- Cybersecurity Awareness Training – Challenges and Benefits
- The Top 5 Tenets of Zero Trust Security
- Cybersecurity regulations shaping the future of fintech services in Singapore
- Decoding the Salient Features of India’s Digital Personal Data Protection Bill, 2022
- Six Best Practices to Achieve Compliance with PCI DSS 4.0
- Top 4 application security trends that can’t be ignored
- Adversary-in-the-Middle (AiTM) phishing attack: Key tactics and defense strategies
- Point of View – Learnings from the Uber Breach
- The rising threat of Browser Automation Framework: All you need to know!
- Ransomware-as-a-Service: How Cybercriminals Are Making It Easier Than Ever to Launch Attacks
- CERT-In Directive – A Step to Strengthen India’s Cybersecurity Posture
- Decoding the Anatomy of a Ransomware Attack
- Reinforcing Your Enterprise’s Data Security with Data Discovery and Classification
- PCI DSS 4.0 – Key Changes Affecting Merchants and Service Providers and How They Should Respond?
- Everything You Need to Know about Data Discovery and Data Classification
- Decoding the Top Trends and Intruder Actions in Data Breaches
- How are Ransomware Gangs evolving their game and strategy?
- SISA’s Top 5 Forensic-driven Learnings for 2022 to Secure Against Evolving Threats
- The All-New Customized Approach to PCI DSS: Understanding the Key Tenets, Applicability, and Requirements
- All Your Questions on PCI DSS 4.0, Answered
- PCI DSS 4.0: A Paradigm Shift to Continuous Compliance, Customization, and More
- Rising MFA Exploits And Best Practices To Mitigate Them
- The Curtain Rises: Unveiling PCI DSS 4.0
- Prepare to embrace continuous compliance with PCI DSS 4.0
- Understanding Real-Time Data Protection Challenges with Industry Experts
- Why Discovering Sensitive Data is More Important Than Ever
- RBI’s Tokenization Circular Update – The What, Why and How
- What is a Business Continuity Plan and Why your Company Needs One?
- Rapid Attack Remediation and Cyber Risk Management – Panel Discussion with ISACA Singapore
- VIDIVA Transforms Payment Security – PCI DSS Assessment by SISA
- How to Comply with GDPR Guidelines? Your Complete GDPR Guide
- Key Insights: Decoding RBI instructions on Card Payments Security
- Addressing Existential Cyber Risks in Financial Institutions
- Data Protection and Cybersecurity Regulations in Singapore
- AI in Cybersecurity: Incident Response Automation Opportunities
- Indicators of Behavior: A Shift to Cyber Resilience
- Data Classification: A necessity to secure your business
- 6 Reasons Why You Need Incident Response as a Service
- What is Threat Hunting in cybersecurity domain
- Multinational Restaurant Chain Data Breach – Things You Should Know
- Cyber Resilience in the Aviation Industry
- Nagios XI Security Vulnerabilities Exploited to Run Cryptomining Malware
- MITRE ATT&CK Framework: All you need to know
- Data Discovery for Securing Sensitive Data on the Cloud
- 5 Reasons Why You Should Pursue CPISI 2.0 Certification
- 5 Most Common Application Vulnerabilities and How to Mitigate Them
- Zeoticus 2.0 Ransomware – All You Need to Know
- Nefilim Ransomware
- PCI DSS – 5 Most Commonly Observed Control Failures
- MineBridge Malware Puts Companies on High Alert | Threat Spotlight
- Do You Need to Adhere to PCI PIN Security Requirements?
- How Can CISOs Easily Adopt Zero-Trust Security?
- How to Detect and Prevent DNS Hijacking?
- Introduction to PCI Software Security Framework (SSF)
- GDPR Compliance and Significance of Securing PII
- Secure organization’s data with Managed Detection and Response (MDR) for remote workers
- Insider Threat: Human Vulnerabilities Resulting in Cyber Attacks
- Importance of Log monitoring and Threat Landscape
- 9 Things to Keep in Mind while Choosing a SIEM Solution
- Two Massive Data Breaches in a Span of Two Weeks. What are the Lessons to Learn?
- Ways to Reduce Rising Email Based Threats and Uphold Better Data Security
- Online Skimming – The Emerging Payment Card Fraud
- How Organizations can Safeguard Personal Identifiable Information (PII) Data
- Reconnaissance – the Eagle’s Eye of Cyber Security
- Everything you Wanted to Know About PCI SAQ (Self-Assessment Questionnaire)
- How Data Discovery Tools Can Help Zero-in on Data Non-Compliance
- How to Protect your Organization from a Potential Data Breach
- The Biggest Info-Security Learning from 2018
- Cryptojacking – Threat, Impacts and how to protect business from becoming a victim
- 5 Key Factors for Choosing the best MDR Solution Providers
- Why you should upgrade your MDR solution in 2019
- Securing your organization with credential-based vulnerability assessment
- Mitigating Data Breaches in Payment Security with SISA’s PaySIRF
- Top 5 Considerations in PCI DSS Card Data Discovery
- Cyber Security Risks In Social Media Banking
- PCI Standards for India’s Emerging Digital Payment Modes
- 8 Steps to Protect Your Organization from Fake Response Malware
- PCI SSC Announces the GEAR Members
- Norm on Storage of Payment System Data by RBI
- Maintaining Sustainable PCI DSS Compliance
- How to Secure Mobile Payment Applications
- Scoping for PCI DSS Compliance
- EMV and PCI DSS – Complementing or competing standards?
- Getting Ready for Cyber Security
- Understanding PCI DSS Penetration Test Guidance v1.0
- PCI DSS for E-commerce & M-commerce: Definition, Challenges and Remediations
- Information Security Facet of Data Protection Act UK
- Evolving trends in Payment Card industry
- POS Malware (Stealth tool to steal the valuable Card Details in your Pocket)
- Adobe Flash Zero-Day Vulnerability – Operation Clandestine Wolf by FireEye
- Judgment Day – Quashing of Section 66A of IT (Amendment) Act 2008
- SSL is Dead: What to do for PCI DSS Compliance
- Healthcare Interoperability – Privacy & Security
- Internet of Things – The Changing Information Landscape
- Why to integrate PCI DSS and HIPAA?
- Risk Analysis – Success Factor for HIPAA Compliance
- How to Combat Card Data Breaches?
- Reasons Why Your PCI Compliance May Fail (and How to Fix It)
- Have Indian Companies Got It Right On Payment Card Security?
- Android, is it Secure?
- NFC payment – New milestone in Payment Industry
- How to Choose the best PCI Compliance Service Provider
- Comparison between ISO 27005, OCTAVE & NIST SP 800-30
- Detecting Card Numbers
- Combat social engineering attacks with these mantras
- Identifying Web Application Firewall in a Network
- Category: Event
- Category: Executive Perspectives
- Category: Infographics
- Category: Monthly Threat Brief
- Category: Press Release
- Category: Reports
- Category: Success Story
- Category: Uncategorized
- Bridging Cybersecurity Talent Gap with Training, Certifications
- Why is being compliant with data protection laws necessary?
- Evolution of Managed Detection and Response (MDR)
- 10 Types of Security Testing Techniques
- A Complete Guide to Ensure Cyber Security Compliance
- PIPKA Advisory
- Emotet Malware
- PCI DSS Controls for Work from Home setup
- Maze.Ransomware – New Destructive Malware Strain
- REvil Ransomware AKA Sodinokibi (RaaS)
- ProLock Ransomware
- ColdLock Ransomware
- Panther Ransomware
- MosaicRegressor Malware
- Ghimob malware can spy on 153 Android mobile applications
- SolarWinds Fallout: How The Sunburst Attack Happened
- Clop Ransomware: Don’t Think It Can Happen to You?
- How to Prevent a Potential Fortinet FortiOS Breach: All You Need to Know
- Codecov Breach: All Questions Answered
- DarkSide Ransomware Operations
- Category: Webinar
- Category: Weekly Threat Watch
- Category: White Papers
Case Studies
- SISA Helps Detect and Prevent Unauthorized Communications in POS Terminal Environment
- SISA Evaluates Privacy Risks across Fintech Firm’s Applications
- Wibmo Achieves Seamless Compliance with SISA ProACT MXDR
- Driving Peak Performance: How PayU Leveraged SISA ProACT MXDR to Dominate Big Billion Sales
- SISA helps a global electronic payment provider strengthen risk management and compliance
- SISA helps a Fortune 100 technology company achieve PCI DSS compliance
- SISA ProACT’s cloud-based MXDR solution helps Tonik Digital Bank improve real-time threat detection and response
- SISA deploys RADAR across 85,000 endpoints to help a major bank meet compliance standards and boost data security
- SISA helps a leading payment service provider from Africa address major security gaps to reinstate PCI DSS certification
- SISA's custom data audit enables UPI 123 tech on non-feature phones for a payments bank
- A global payments solutions provider uses SISA's ProACT MDR solution to improve threat detection and response
- SISA helps a leading bank in the Middle East achieve PCI DSS compliance for branches in Egypt and Qatar
- SISA’s forensics-driven consultative approach to application security helps a global service provider mitigate critical security vulnerabilities
- SISA’s comprehensive red teaming assessment helps a leading cooperative bank uncover critical security flaws and improve defences
- SISA helps a global cloud-based solutions provider mitigate IoT device vulnerabilities
- SISA’s forensics-driven MDR solution helps Club Prophet improve monitoring of workloads on Google Cloud Platform
- An American healthcare MNC strengthened its data security policy by integrating SISA Radar with DLP solutions
- SISA’s cloud-based MDR solution helps Paytia improve threat monitoring and incident response
- SISA Radar’s customized solutions helped an Indian fintech company streamline sensitive data discovery and classification to achieve compliance
- SISA’s two-phased assessment helps a global provider of laboratory-specific software solutions achieve defence-in-depth security for cloud environment
- SISA’s training-led multi-phase assessment helps BRAC bank successfully achieve PCI DSS compliance
- Hong-Kong based Insurance MNC Leverages SISA Radar to Reinforce Sensitive Data Discovery and Classification
- SISA’s ProACT MDR platform helps a leading bank in Africa improve its threat hunting and incident response
- SISA’s consultative approach helped a GCC banking major ease PCI compliance journey and improve security posture
- A leading Indian private sector bank achieves compliance and secures sensitive data with SISA Radar
- SISA Radar helps optimize sensitive data discovery and storage for MEA-based payments processor
- Simplifying PCI DSS Certification and Bolstering Security with SISA Radar – Data Discovery Tool
- Structured Approach to Multi-Location PCI DSS Compliance for Better Time Management
- Helping Legacy Bank Achieve PCI Compliance in Record Six Months
- Mitigating Potential Data Breach through Lateral Movement Hunting
- Mitigating Privilege Escalation Attack by User Behaviour Analysis and Threat Hunting
- Reinforcing email security by building an improved security architecture
- Enhancing the Security Posture of an Insurance Company with VAPT
- Securing Valuable Healthcare Data Assets by Performing High-Level VAPT
- Leading Bank Embraces Data Discovery to Transform its Compliance Governance
- Leading BPO Transforms Its Application Security Approach, Forever
White Papers
- ProACT MXDR: an Agentic SOC with a Human Touch
- AI security e-guide: The rising AI threat landscape & why training matters
- SISA Canvas -Edition 4 Strategic Approaches to Mastering Compliance with PCI DSS 4.0 Standards
- Reimagining Compliance: A Unified Future for a Fragmented Regulatory World
- SISA Canvas – Edition 3 Cybersecurity conversations for a safer tomorrow
- Securing the Unseen in the Big Data Era: Balancing Data Privacy with Comprehensive Discovery and Classification
- MXDR: The New Paradigm of Cyber Defense for the Digital Payment Industry
- The Tipping Point: Bridging the Cybersecurity Skill Gap in the Payments Industry Through Accredited Training
- Advanced Threat Detection & Response: Why Modern Organizations Need MDR Beyond Traditional SOCs
- Data security challenges in hybrid cloud and six best practices to overcome them
- SISA Canvas Edition 2 - Cybersecurity conversations for a safer tomorrow
- Threat Hunting 101 - A Comprehensive eGuide
- Zero trust security is not a ‘quick fix’ but a new cybersecurity paradigm
- Ransomware eBook - Be the Hunter, Not the Hunted
- SISA CANVAS: Cybersecurity conversations for a safer tomorrow
- DIGITIZATION IN UAE | An Answer to the Rising Threats and Vulnerabilities
- RBI Comprehensive Cyber Security Framework for Primary (Urban) Cooperative Banks: A Graded Approach
- NPCI Circular – Third Party Payment Application Providers (TPAP)
- RBI Guidelines on Tokenization in Card transactions
- RBI Cyber Security Framework for Scheduled Commercial Banks (SCBs)
- RBI Information System (IS) Audit
- RBI Guidelines on Regulation of Payment Aggregators & Payment Gateway
- RBI System Audit Report (SAR Audit)
- NPCI System Audit Report (SAR Audit)
- RBI Issues Master Direction on Digital Payment Security Controls
- RBI PPI Technical Security Audit Compliance in Cloud
- The Evolution of PCI 3D Secure and what’s next?
- A practical application of AI and Data Analytics to improve effectiveness of SOC
- Detecting a Fake Response Malware Attack
Webinars
- AI Governance in Action: Creating Secure, Responsible and Trustworthy AI Systems
- Future-Proofing Digital Payments: Leveraging Forensics for Quantum Safe Migration
- Forensics-Driven DPDPA Compliance for the Digital Payments Ecosystem
- Securing AI Excellence: AI Threats, Defense Strategies, and SISA’s Certification Advantage
- The HITRUST Approach to Unified Compliance
- Data Governance Strategies to Navigate Compliance Landscapes
- ANAB Accredited Certification: A Catalyst for Professional Excellence in Payment Security
- Panel Discussion on ‘Winning Strategies for PCI DSS 4.0 Compliance'
- Trends In Privacy Regulations in Asia Pacific and the Role of Data Governance
- Transitioning to PCI DSS v4.0
- Understanding the Art of PIN Security during Transactions
- Role of Data Classification in Meeting Privacy Regulations in India’s BFSI Sector
- PCI DSS Scoping and Segmentation on Cloud
- Transitioning to PCI DSS 4.0
- PCI DSS 4.0 - A step towards a better cybersecurity posture
- Data Privacy trends in 2023 & their impact on data security strategy
- Payment Security Landscape: Trends, Challenges & Learnings
- Panel Discussion: Application Security in Payments World; is it different?
- Outsmart Ransomware with SISA's Key Prevention and Response Strategies
- PCI DSS 4.0 - A Transformational and Technology Driven Future for Payments
- Fireside Chat on PCI DSS 4.0: A Paradigm Shift to Continuous Compliance, Customization, and More
- Reinventing Indian Financial Ecosystem with Cryptocurrencies | A Cyber Security Approach
- Data Protection - 5 real-time challenges businesses need to be prepared for.
- RBI’s Tokenisation Circular Latest Update – What do you need to know?
- What is Apache Log4j vulnerability (CVE-2021-44228) and how it can impact you?
- Fireside Chat with Jeff Vinson on Ransomware Resiliency
- Panel Discussion: Decoding RBI’s Circular on Tokenisation
- ISACA Singapore: Improving Resilience with Rapid Attack Remediation and Cyber Risk Management
- Panel Discussion: Breaking Down Data Leaks and Data Security
- Panel Discussion: Addressing the Rising Risk in Mobile and Internet Banking
- Webinar: MAS Revised Guidelines for Risk Management – Get Compliant and Stay Resilient
- Panel Discussion: Decoding RBI instructions on Card Payments Security
- Webinar: New RBI Guidelines – How it Affects Payment Gateways and Aggregators
- USA Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- SAARC Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- Webinar: Threat Hunting – A Quick Guide for Analyzing Dynamic Threat Environments
- Webinar: RBI Master Direction for Financial Institutions: Get your assessment done.
- Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- Webinar: Staying Resilient to Breaches and Ensuring PCI DSS Compliance
- PCI SSF is replacing PA DSS. What’s your next step?
- RBI’s Master Direction on Digital Payment Security Controls – Panel Discussion
- Preventing Human Errors in Cybersecurity
- 5 Power Tips to Ensure Cloud Security in 2021
- The Top 10 Cybersecurity Stories of 2020 | Lessons We Learnt
- Preventing a Ransomware Attack Is Within Our Reach
- Cyber risk is everywhere. Where to look and what to look for?
- Exploring PCI Software Security Standards Framework
- SISA’s Top 5 Forensic Driven Learnings – Report Launch and Panel Discussion
- The Complete Guide to Strengthen Incident Response Plan: Mitigating the Current Day Threats
- Tackling End-Point Security Risks with Risk Assessment
- CyberSec Code Black – MDR to Rescue
- Work-from-Home: Implications & Strategies to Remain Compliant with PCI Standards
- The Jack of Payment Card Industry – PCI PIN Security
- Evolving Payment Security Standards – Expectation and Implications
- PCI Software Security Standards Framework, an evolution away from PA DSS
- Lessons Learned from Data Breaches in 2018
- Nine Yards of PCI PIN Security Requirements
- How to secure Mobile Payment Application
- Integrating PCI Compliance with HIPAA
- Decoding Key Management for PCI DSS
- Risk Analysis for HIPAA: Tool for Optimal Security
- Panel Discussion | Future of Digital Risk Management for Financial Institutions
Events
- SISA is a Forensics-Driven Cybersecurity Partner at the DSCI FINSEC Conclave 2025
- SISA is a Gold Sponsor at the Payment Security Summit – UAE 2025
- SISA at CERT-In Samvaad 2025
- SISA at The Nepal Fintech Festival 2025
- SISA is Back at RSA—And Bigger Than Ever!
- SISA at Payment Security Summit & Awards 2025
- SISA at DSCI Data Protection Summit 2025
- SISA at the DSCI AISS (Annual Information Security Summit) 2024
- SISA at Singapore Fintech Festival
- SISA is a forensics-driven cybersecurity partner at the Saudi Payment Security Summit 2024
- SISA at The 2024 PCI SSC Asia-Pacific Community Meeting
- SISA is Supporting Sponsor at the 2024 North America PCI Community Meeting
- SISA at Global Fintech Fest 2024
- SISA at the 16th edition of the DSCI Best Practices Meet 2024
- SISA is Gold Sponsor at Middle East Payment Security Summit
- SISA is 'Digital Payments Security Partner' at DSCI FINSEC Conclave 2024
- SISA Reimagines Cybersecurity with MXDR at RSA 2024
- SISA at NASSCOM-DSCI’s 18th Annual Information Security Summit 2023
- SISA at 2023 Asia-Pacific PCI Community Meeting
- SISA’s SecureXchange: The CISO meet on Ransomware Mitigation and Data Privacy
- SISA at 2023 North America PCI Community Meeting
- CISO Roundtable: Strengthening Cyber Defenses in the Face of Ransomware
- SISA at the 15th edition of the DSCI Best Practices Meet 2023
- Stay ahead with SISA’s forensics-driven cybersecurity solutions at RSA 2023
- SISA at the 3rd Annual CyberX Qatar Summit 2023
- SISA’s Forensics Learning Session - Cambodia
- SISA at NASSCOM-DSCI's 17th Annual Information Security Summit 2022
- Learn, Network, and Share on How to ‘Defend against ransomware attacks’ at the Arab International Cybersecurity Summit 2022
- SISA at the 21st World Congress of Accountants (WCOA) 2022 - Mumbai
- SISA at the 14th edition of the DSCI BEST PRACTICES MEET 2022
- Dharshan Shanthamurthy, Founder & CEO at SISA speaks at NASSCOM - DSCI's Cybersecurity Landscape for SMEs & Best Practices.
- SISA at 2022 North America PCI Community Meeting
- SISA at the Gulf Information Security Expo & Conference (GISEC) 2022, Dubai
- Payment Data Breach Live Simulation – Bangalore
- Payment Data Breach Live Simulation – Doha
- Payment Data Breach Live Simulation – Chennai
- SISA exhibits at Seamless Summit Asia 2019, Singapore
- SISA exhibits at PCI SSC 2019 North America Community Meeting, Canada
- SISA exhibits at PCI SSC 2019 Europe Community Meeting, Ireland
- SISA exhibits at PCI SSC 2019 Asia-Pacific Community Meeting, Australia
- VISA Security Summit – What COVID-19 has revealed about remote PCI DSS Implementation?
- Attend PCI SSC 2021 Global Community Forum
- SISA at DSCI’s 16th Annual Information Security Summit 2021
Weekly Threat Watch
- Cyber Flashpoint: Critical Threats Emerge Amid Israel-Iran Escalation
- Xanthorox AI – Rise of Autonomous Malicious AI
- Active Ransom Demands Issued by Medusa Ransomware Group
- Multistage CAPTCHA-Based Attacks Use mshta.exe to Deliver RATs and Stealers
- MarsSnake Malware Linked to Chinese Cyber Espionage Campaign Targeting Saudi Arabia
- Malicious NPM Package Uses Google Calendar as C2 Channel
- Pakistan‑Linked Cyber Threats: Advisory & Mitigation Steps
- Phishing Campaign Targets WooCommerce Users with Fake Patch
- SuperCard X: MaaS for Instant Financial Fraud
- Tycoon2FA PhaaS Platform Evolves with MFA Bypass and Stealth Tactics
- WinRAR Vulnerability (CVE-2025-31334) Enables Silent Malware Execution on Windows
- Sophisticated Web Skimmer Exploits Deprecated Stripe API to Steal Payment Data
- Betruger: Backdoor Powering RansomHub Ransomware Attacks
- Black Basta Ransomware Gang Unleashes ‘BRUTED’ to Automate VPN Attacks
- Cyber Threat Alert: Silk Typhoon Weaponizes IT Supply Chains for Widespread Intrusions
- Medusa Ransomware Claims 40+ Victims in 2025, Demands Ransoms Up to $15Mn
- Thousands of API Keys and Passwords Discovered in Publicly Available LLM Training Data
- Chinese Espionage Group Leverages Check Point Flaw for Advanced Persistent Attacks
- Massive Brute Force Attack Targets Networking Devices Using 2.8 Million IPs
- North Korean Hackers Exploits React-Powered C2 Infrastructure for Global Attacks
- Backdoor in Patient Monitors Enables Data Theft, Remote Code Execution via Chinese IP
- Critical SonicWall SMA1000 Zero-Day Flaw Allows RCE Exploitation
- Zero-Day Alert: Fortinet Firewalls Hijacked Through Critical Auth Bypass
- DoubleClickjacking: A New Exploit That Defeats Clickjacking Protections
- PAN-OS Critical Flaw Allows DDoS Attack Execution
- Microsoft MFA AuthQuake Flaw Exposes Accounts to Unlimited Brute Force Attacks
- Black Basta Ransomware Adopts Sophisticated Social Engineering Tactics
- Emerging Threat: Rockstar 2FA Phishing Service Targets Microsoft 365 Credentials
- Critical Alert: Over 2,000 Palo Alto Devices Compromised in Active Exploitation Campaign
- Helldown Ransomware Exploits Zyxel VPN Flaw to Target Corporate Networks
- Hackers Use ZIP Concatenation to Evade Detection on Windows Systems
- Windows Systems Compromised by Backdoored Linux VMs
- Black Basta Ransomware Uses MS Teams Impersonation to Breach Networks
- Qilin.B Ransomware Variant Gets a Major Upgrade
- GitLab Vulnerability Exposes CI/CD Pipelines to Arbitrary Execution
- Emerging Botnet "Gorilla" Launches Large-Scale DDoS Attacks Across Multiple Countries DDoS
- Stealthy "Perfctl" Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
- Chinese Hackers Exploit GeoServer Vulnerability to Deploy EAGLEDOOR in APAC Cyberattacks
- Threat Actor Leaks 440GB of Data in Fortinet Breach
- Threat Actors Use MacroPack to Spread Havoc, Brute Ratel, and PhantomCore
- Chrome Zero-Day Exploited by North Korean Hackers to Launch Rootkit
- New Linux Malware Exploits Udev Rules
- Lazarus Group Exploits Windows driver Zero-day Vulnerability
- Unpatched MS Office Vulnerability Leads to Potential Data Breaches
- Zero-day critical vulnerability discovered in Apache OFBiz
- Cloudflare Tunnels exploited to deliver Malware & avoid Detection
- Docker releases patches for critical authentication bypass flaw
- Fake hotfix distributes Remcos RAT amid CrowdStrike glitch
- Global agencies issue alert on APT40 cyber threat
- OpenSSH vulnerability 'regreSSHion' sparks urgent patching
- CosmicSting vulnerability exposes Adobe Commerce and Magento sites
- New 'Sleepy Pickle' exploit puts ML models at risk
- New PHP flaw exposes Windows servers to RCE attacks
- Massive cyberattack strikes 600K routers in the U.S.
- Fake antivirus sites using SEO poisoning to distribute malware
- ShrinkLocker ransomware hits corporations via BitLocker exploit
- Google addresses third Chrome zero-day in a week
- Critical Tinyproxy flaw puts over 50,000 hosts at risk
- Okta raises alarm over surge in credential stuffing attacks
- MITRE Corporation breached via Ivanti zero-day exploits
- Critical CVSS 10 vulnerability in PAN-OS sparks urgent action
- Raspberry Robin resurfaces with WSF file campaign
- Vultur Android banking Trojan returns with advanced features
- GitHub supply chain attack hits Top.gg and developers
- New phishing attack distributes NetSupport RAT via MS Office
- 12.8 million auth secrets leaked by GitHub users in 2023
- American Express issues credit card data breach alert
- LockBit ransomware evolves with advanced encryption tool
- Evolved Raspberry Robin targets systems with one-day exploits
- AnyDesk confirms server breach, urging password reset
- APT37 deploys RokRAT in campaign targeting North Korea experts
- Apple resolves 2024's first zero-day exploited via WebKit
- Citrix issues alerts for actively exploited zero-day vulnerabilities
- Hackers target MSSQL servers with RE#TURGENCE campaign
- Google MultiLogin exploit enables persistent unauthorized access
- Agent Tesla exploits MS Excel flaw in ongoing phishing attacks
- New JavaScript malware targets 50K bank users worldwide
- Lazarus hackers deploy new RATs via Log4j vulnerability
- Outlook flaw exploited by APT28 to breach Exchange accounts
- Google issues critical Chrome patch addressing active zero-day
- Intel releases patches for high severity 'Reptar' CPU vulnerability
- CISA issues critical warning on Juniper device vulnerabilities
- Lazarus hackers target crypto experts with KandyKorn malware
- 100 million RPS DDoS attack exploits HTTP/2 Rapid Reset Flaw
- Vietnamese hackers use DarkGate malware to target US entities
- WordPress plugin zero-day affects 200K sites
- Threat actors exploit Citrix NetScaler flaw for credential theft
- FBI warns of surge in dual ransomware attacks on U.S. firms
- Critical zero-day in Google Chrome sparks urgent patch
- DDoS attacks on IoT devices skyrocket in 2023
- Fake Telegram apps infect 10 million users with spyware
- New SuperBear trojan emerges in targeted phishing attacks
- JPCERT warns of new 'MalDoc in PDF' attack technique
- Zimbra email users face targeted credential theft attacks
- Rhysida ransomware group strikes healthcare institutions
- DDoS attacks by Bangladesh hacktivists target Indian infrastructure
- Abyss Locker ransomware targets VMware ESXi with Linux variant
- Akira ransomware strikes with devastating data extortion tactics
- AI-driven BEC attacks surge with new WormGPT tool
- TOITOIN Trojan targets Latin American businesses in a multi-stage attack
- Hackers exploit unpatched flaw in WordPress' Ultimate Member plugin
- MULTI#STORM campaign uses RATs to target India and the U.S.
- New supply chain attack exploits abandoned AWS S3 buckets
- Hackers target financial giants via AiTM phishing and BEC attacks
- Anonymous Sudan claims DDoS attacks on MS Outlook
- Lazarus hackers target vulnerable Windows IIS web servers
- FIN7 hackers return with Clop ransomware attacks
- Leaked Babuk source code sparks 9 different ransomware strains
- LockBit 3.0 leaks 600 GB of stolen data in a ransomware attack
- APT28 uses fake ‘Windows Update’ guides to steal information
- New SLP vulnerability enables amplified DDoS attacks
- Google releases patches for Chrome zero-day vulnerability
- Anonymous Sudan hacktivists target websites with DDoS attack
- Hackers exploit WordPress Elementor Pro vulnerability
- Clop abuses zero-day for a mass-ransomware attack
- YoroTrooper targets government organizations with espionage campaigns
- BatLoader distributes malware via Google Ads
- Microsoft releases patches for a vulnerability in MS Word
- GoDaddy gets breached in a multi-year campaign
- MyloBot malware targets Windows systems worldwide
- Microsoft fixes 3 zero-day vulnerabilities and 77 flaws
- A 9.4 CVSS score security vulnerability unearthed in Jira Server and Data Center
- Phishing campaigns via Google Ads target password managers to steal vault credentials
- Threat actors compromise machines and web servers with Golang-based malware and C2 framework
- Hackers spread Vidar and IcedID malware through cloned websites and targeted phishing attacks
- Blind Eagle and StrongPity hackers use sophisticated attack techniques to deploy malware
- YouTube bot and BitRAT malware trick users to steal sensitive information
- SISA Weekly Threat Watch - January 02nd, 2023
- SISA Weekly Threat Watch - December 26th, 2022
- SISA Weekly Threat Watch - December 19th, 2022
- SISA Weekly Threat Watch - December 12th, 2022
- SISA Weekly Threat Watch - December 05th, 2022
- SISA Weekly Threat Watch - November 28th, 2022
- SISA Weekly Threat Watch - November 21st, 2022
- SISA Weekly Threat Watch - November 14th, 2022
- SISA Weekly Threat Watch - November 07th, 2022
- SISA Weekly Threat Watch - October 31st, 2022
- SISA Weekly Threat Watch - October 24th, 2022
- SISA Weekly Threat Watch - October 17th, 2022
- SISA Weekly Threat Watch - October 10th, 2022
- SISA Weekly Threat Watch - October 03rd, 2022
- SISA Weekly Threat Watch - September 26th, 2022
- SISA Weekly Threat Watch - September 19th, 2022
- SISA Weekly Threat Watch - September 12th, 2022
- SISA Weekly Threat Watch - September 5th, 2022
- SISA Weekly Threat Watch - August 29th, 2022
- SISA Weekly Threat Watch - August 22nd, 2022
- SISA Weekly Threat Watch - August 15th, 2022
- SISA Weekly Threat Watch - August 8th, 2022
SISA is a Leader in Cybersecurity Solutions for the Digital Payment Industry. As a Global Payment Forensic Investigator of the PCI Security Standards Council, we leverage forensics insights into preventive, detective, and corrective security solutions, protecting 1,000+ organizations across 40+ countries from evolving cyberthreats.
Our suite of solutions from AI-driven compliance, advanced security testing, agentic detection/ response and learner focused-training has been honored with prestigious awards, including from Financial Express, DSCI-NASSCOM and The Economic Times.
With commitment to innovation, and pioneering advancements in Quantum Security, Hardware Security, and Cybersecurity for AI, SISA is shaping the future of cybersecurity through cutting-edge forensics research.
