USA
India
APAC
Middle East
Global
Facebook
Linkedin 
Twitter
Youtube
Pages
- About Sisa
- Become Partner
- BH – Home
- Blogs
- Careers
- Compliance
- Cyber Resilience
- Data Protection
- Enquiry
- Enquiry – Thank you
- Expert Corner – A Comprehensive Guide to Log4j Vulnerability & Combat Techniques
- Home
- IN – Home
- login
- Management Team
- Newly Launched: SISA’s Knowledge Lounge
- News Room
- Privacy Policy
- Resources
- Security Testing
- SG – Home
- SISA Institute
- Sisa News
- Sitemap
- Terms of Use
- Thank You
- Thank You – Brochure
- Thank You – Case Study
- Thank You – InfoSec Report
- Thank You – Security Advisory
- Thank You – Webinar Q&A
- Thank You – White Paper
- Training
- Certified Professionals
- Forensic Learning Session
- Get Certified
- Advisory Groups
- Application
- Certification Policies
- Appeal and Complaint Policy
- Certification Policy & Candidate Handbook
- Declaration of Impartiality
- Eligibility Policy
- Exam Development Policy
- Exam Extension Policy
- Exam Feedback and Challenge Policy
- Exam Retake Policy
- Logo usage guidelines
- Privacy & Information Release Policy
- Special Accommodation Policy
- Suspension, Withdrawal & Recertification Policy
- Violation of Ethics Policy
- Certification Support
- Certifications
- Payment Data Security Programs
- Security Incident Detection and Response Programs
- SISA Digital Badges
- SISA Institute – Workshop Calendar
- Training and Certification Store
- US – Home
Infosec Reports
Posts by category
- Category: Blogs
- SEC’s New Cybersecurity Rules: What Investors and Companies Need to Know
- Navigating the Transition to PCI DSS 4.0: Timelines, Goals, and Best Practices
- Qatar’s leap in data security: Decoding the National Data Classification Policy
- Decoding the top 5 cybersecurity risks of generative AI
- The six phases of threat intelligence lifecycle
- A New Age of Privacy: Understanding India’s Digital Personal Data Protection Bill 2023
- Penetration Testing vs. Red Teaming Exercise: Understanding the Key Differences
- What is the critical zero-day vulnerability in Citrix ADC and Gateway and how to mitigate it
- Guarding the IoT Frontier: Exploring IoT Security Testing for Robust Defenses
- Understanding Sensitive Data: Types, Risks, and Protection Measures
- Evaluating the benefits of MDR service vs In-house SOC
- An introduction to SBOM: Role and importance in software security
- Continuous Pentesting vs. Traditional Pentesting: A Comparative Analysis
- 4 types of cyber threat hunting tools
- 7 Key steps to build an effective Data Classification framework
- 3-Step Guide on Cyber Threat Hunting using Machine Learning Algorithms
- Tokenization Made Simple: Leveraging PCI DSS 4.0 Training for Effective Implementation
- The changing role of Initial Access Brokers (IABs) in Ransomware-as-a-Service
- Best practices for implementing MFA to combat Brute-forcing attacks
- The OWASP IoT top 10 vulnerabilities and how to mitigate them
- The importance of 3D Secure for payments data security
- A guide to Data Classification types and levels
- Data Discovery: Secure Your Data and Your Business
- 5 reasons your business needs MDR solution for proactive cybersecurity and compliance
- Incident Response Plan: A Guide to Cybersecurity
- How can an enterprise meet data privacy needs with automated data discovery and classification
- Cybersecurity awareness training – Challenges and Benefits
- The Top 5 Tenets of Zero Trust Security
- Cybersecurity regulations shaping the future of fintech services in Singapore
- Decoding the Salient Features of India’s Digital Personal Data Protection Bill, 2022
- Six Best Practices to Achieve Compliance with PCI DSS 4.0
- Top 4 application security trends that can’t be ignored
- Adversary-in-the-Middle (AiTM) phishing attack: Key tactics and defense strategies
- Point of View – Learnings from the Uber Breach
- The rising threat of Browser Automation Framework: All you need to know!
- Ransomware-as-a-Service: How Cybercriminals Are Making It Easier Than Ever to Launch Attacks
- CERT-In Directive – A Step to Strengthen India’s Cybersecurity Posture
- Decoding the Anatomy of a Ransomware Attack
- Reinforcing Your Enterprise’s Data Security with Data Discovery and Classification
- PCI DSS 4.0 – Key Changes Affecting Merchants and Service Providers and How They Should Respond?
- Everything You Need to Know about Data Discovery and Data Classification
- Decoding the Top Trends and Intruder Actions in Data Breaches
- How are Ransomware Gangs evolving their game and strategy?
- SISA’s Top 5 Forensic-driven Learnings for 2022 to Secure Against Evolving Threats
- The All-New Customized Approach to PCI DSS: Understanding the Key Tenets, Applicability, and Requirements
- All Your Questions on PCI DSS 4.0, Answered
- PCI DSS 4.0: A Paradigm Shift to Continuous Compliance, Customization, and More
- Rising MFA Exploits And Best Practices To Mitigate Them
- The Curtain Rises: Unveiling PCI DSS 4.0
- Prepare to embrace continuous compliance with PCI DSS 4.0
- Understanding Real-Time Data Protection Challenges with Industry Experts
- Why Discovering Sensitive Data is More Important Than Ever
- RBI’s Tokenization Circular Update – The What, Why and How
- What is a Business Continuity Plan and Why your Company Needs One?
- Rapid Attack Remediation and Cyber Risk Management – Panel Discussion with ISACA Singapore
- VIDIVA Transforms Payment Security – PCI DSS Assessment by SISA
- How to Comply with GDPR Guidelines? Your Complete GDPR Guide
- Key Insights: Decoding RBI instructions on Card Payments Security
- Addressing Existential Cyber Risks in Financial Institutions
- Data Protection and Cybersecurity Regulations in Singapore
- AI in Cybersecurity: Incident Response Automation Opportunities
- Indicators of Behavior: A Shift to Cyber Resilience
- Data Classification: A necessity to secure your business
- 6 Reasons Why You Need Incident Response as a Service
- What is Threat Hunting in cybersecurity domain
- Multinational Restaurant Chain Data Breach – Things You Should Know
- Cyber Resilience in the Aviation Industry
- Nagios XI Security Vulnerabilities Exploited to Run Cryptomining Malware
- MITRE ATT&CK Framework: All you need to know
- Data Discovery for Securing Sensitive Data on the Cloud
- 5 Reasons Why You Should Pursue CPISI 2.0 Certification
- 5 Most Common Application Vulnerabilities and How to Mitigate Them
- Zeoticus 2.0 Ransomware – All You Need to Know
- Nefilim Ransomware
- PCI DSS – 5 Most Commonly Observed Control Failures
- MineBridge Malware Puts Companies on High Alert | Threat Spotlight
- Do You Need to Adhere to PCI PIN Security Requirements?
- How Can CISOs Easily Adopt Zero-Trust Security?
- How to Detect and Prevent DNS Hijacking?
- Introduction to PCI Software Security Framework (SSF)
- GDPR Compliance and Significance of Securing PII
- Secure organization’s data with Managed Detection and Response (MDR) for remote workers
- Insider Threat: Human Vulnerabilities Resulting in Cyber Attacks
- Importance of Log monitoring and Threat Landscape
- 9 Things to Keep in Mind while Choosing a SIEM Solution
- Two Massive Data Breaches in a Span of Two Weeks. What are the Lessons to Learn?
- Ways to Reduce Rising Email Based Threats and Uphold Better Data Security
- Online Skimming – The Emerging Payment Card Fraud
- How Organizations can Safeguard Personal Identifiable Information (PII) Data
- Reconnaissance – the Eagle’s Eye of Cyber Security
- Why do organizations need to invest in PCI DSS awareness training?
- Everything you Wanted to Know About PCI SAQ (Self-Assessment Questionnaire)
- How Data Discovery Tools Can Help Zero-in on Data Non-Compliance
- How to Protect your Organization from a Potential Data Breach
- The Biggest Info-Security Learning from 2018
- Cryptojacking – Threat, Impacts and how to protect business from becoming a victim
- 5 Key Factors for Choosing the best MDR Solution Providers
- Why you should upgrade your MDR solution in 2019
- Securing your organization with credential-based vulnerability assessment
- Mitigating Data Breaches in Payment Security with SISA’s PaySIRF
- Top 5 Considerations in PCI DSS Card Data Discovery
- Cyber Security Risks In Social Media Banking
- PCI Standards for India’s Emerging Digital Payment Modes
- 8 Steps to Protect Your Organization from Fake Response Malware
- PCI SSC Announces the GEAR Members
- Norm on Storage of Payment System Data by RBI
- Maintaining Sustainable PCI DSS Compliance
- How to Secure Mobile Payment Applications
- Scoping for PCI DSS Compliance
- EMV and PCI DSS – Complementing or competing standards?
- Getting Ready for Cyber Security
- Understanding PCI DSS Penetration Test Guidance v1.0
- PCI DSS for e-Commerce/m-Commerce: Challenges and Remediations
- Information Security Facet of Data Protection Act UK
- Evolving trends in Payment Card industry
- POS Malware (Stealth tool to steal the valuable Card Details in your Pocket)
- Adobe Flash Zero-Day Vulnerability – Operation Clandestine Wolf by FireEye
- Judgment Day – Quashing of Section 66A of IT (Amendment) Act 2008
- SSL is Dead: What to do for PCI DSS Compliance
- Healthcare Interoperability – Privacy & Security
- Internet of Things – The Changing Information Landscape
- Risk Assessment Challenges and Opportunities
- Why to integrate PCI DSS and HIPAA?
- Risk Analysis – Success Factor for HIPAA Compliance
- How to Combat Card Data Breaches?
- Reasons Why Your PCI Compliance May Fail (and How to Fix It)
- Have Indian Companies Got It Right On Payment Card Security?
- Android, is it Secure?
- NFC payment – New milestone in Payment Industry
- How to Choose the best PCI Compliance Service Provider
- Comparison between ISO 27005, OCTAVE & NIST SP 800-30
- Detecting Card Numbers
- Combat social engineering attacks with these mantras
- Identifying Web Application Firewall in a Network
- Category: Event
- Category: Executive Perspectives
- Category: Infographics
- Category: Press Release
- Category: Reports
- Category: Success Story
- Category: Threat-a-licious
- Category: Uncategorized
- Bridging Cybersecurity Talent Gap with Training, Certifications
- Why is being compliant with data protection laws necessary?
- Evolution of Managed Detection and Response (MDR)
- 10 Types of Security Testing Techniques
- A Complete Guide to Ensure Cyber Security Compliance
- PIPKA Advisory
- Emotet Malware
- PCI DSS Controls for Work from Home setup
- Maze.Ransomware – New Destructive Malware Strain
- REvil Ransomware AKA Sodinokibi (RaaS)
- ProLock Ransomware
- ColdLock Ransomware
- Panther Ransomware
- MosaicRegressor Malware
- Ghimob malware can spy on 153 Android mobile applications
- SolarWinds Fallout: How The Sunburst Attack Happened
- Clop Ransomware: Don’t Think It Can Happen to You?
- How to Prevent a Potential Fortinet FortiOS Breach: All You Need to Know
- Codecov Breach: All Questions Answered
- DarkSide Ransomware Operations
- Category: Webinar
- Category: Weekly Threat Watch
- Category: White Papers
Case Studies
- A global payments solutions provider uses SISA's ProACT MDR solution to improve threat detection and response
- SISA helps a leading bank in the Middle East achieve PCI DSS compliance for branches in Egypt and Qatar
- SISA’s forensics-driven consultative approach to application security helps a global service provider mitigate critical security vulnerabilities
- SISA’s comprehensive red teaming assessment helps a leading cooperative bank uncover critical security flaws and improve defences
- SISA helps a global cloud-based solutions provider mitigate IoT device vulnerabilities
- SISA ProACT’s cloud-based MDR solution helps neobank improve real-time threat detection and response
- SISA’s forensics-driven MDR solution helps Club Prophet improve monitoring of workloads on Google Cloud Platform
- An American healthcare MNC strengthened its data security policy by integrating SISA Radar with DLP solutions
- SISA’s cloud-based MDR solution helps Paytia improve threat monitoring and incident response
- SISA Radar’s customized solutions helped an Indian fintech company streamline sensitive data discovery and classification to achieve compliance
- SISA’s two-phased assessment helps a global provider of laboratory-specific software solutions achieve defence-in-depth security for cloud environment
- SISA’s training-led multi-phase assessment helps BRAC bank successfully achieve PCI DSS compliance
- Hong-Kong based Insurance MNC Leverages SISA Radar to Reinforce Sensitive Data Discovery and Classification
- SISA’s ProACT MDR platform helps a leading bank in Africa improve its threat hunting and incident response
- SISA’s consultative approach helped a GCC banking major ease PCI compliance journey and improve security posture
- A leading Indian private sector bank achieves compliance and secures sensitive data with SISA Radar
- SISA Radar helps optimize sensitive data discovery and storage for MEA-based payments processor
- Simplifying PCI DSS Certification and Bolstering Security with SISA Radar – Data Discovery Tool
- Structured Approach to Multi-Location PCI DSS Compliance for Better Time Management
- Helping Legacy Bank Achieve PCI Compliance in Record Six Months
- Mitigating Potential Data Breach through Lateral Movement Hunting
- Mitigating Privilege Escalation Attack by User Behaviour Analysis and Threat Hunting
- Reinforcing email security by building an improved security architecture
- Enhancing the Security Posture of an Insurance Company with VAPT
- Securing Valuable Healthcare Data Assets by Performing High-Level VAPT
- Leading Bank Embraces Data Discovery to Transform its Compliance Governance
- Leading BPO Transforms Its Application Security Approach, Forever
White Papers
- Data security challenges in hybrid cloud and six best practices to overcome them
- SISA Canvas Edition 2 - Cybersecurity conversations for a safer tomorrow
- Threat Hunting 101 - A Comprehensive eGuide
- Zero trust security is not a ‘quick fix’ but a new cybersecurity paradigm
- Ransomware eBook - Be the Hunter, Not the Hunted
- SISA CANVAS: Cybersecurity conversations for a safer tomorrow
- DIGITIZATION IN UAE | An Answer to the Rising Threats and Vulnerabilities
- RBI Comprehensive Cyber Security Framework for Primary (Urban) Cooperative Banks: A Graded Approach
- NPCI Circular – Third Party Payment Application Providers (TPAP)
- RBI Guidelines on Tokenization in Card transactions
- RBI Cyber Security Framework for Scheduled Commercial Banks (SCBs)
- RBI Information System (IS) Audit
- RBI Guidelines on Regulation of Payment Aggregators & Payment Gateway
- RBI System Audit Report (SAR Audit)
- NPCI System Audit Report (SAR Audit)
- RBI Issues Master Direction on Digital Payment Security Controls
- RBI PPI Technical Security Audit Compliance in Cloud
- The Evolution of PCI 3D Secure and what’s next?
- A practical application of AI and Data Analytics to improve effectiveness of SOC
- Detecting a Fake Response Malware Attack
Webinars
- Trends In Privacy Regulations in Asia Pacific and the Role of Data Governance
- Transitioning to PCI DSS v4.0
- Understanding the Art of PIN Security during Transactions
- Role of Data Classification in Meeting Privacy Regulations in India’s BFSI Sector
- PCI DSS Scoping and Segmentation on Cloud
- Transitioning to PCI DSS 4.0
- PCI DSS 4.0 - A step towards a better cybersecurity posture
- Data Privacy trends in 2023 & their impact on data security strategy
- Payment Security Landscape: Trends, Challenges & Learnings
- Panel Discussion: Application Security in Payments World; is it different?
- Outsmart Ransomware with SISA's Key Prevention and Response Strategies
- PCI DSS 4.0 - A Transformational and Technology Driven Future for Payments
- Fireside Chat on PCI DSS 4.0: A Paradigm Shift to Continuous Compliance, Customization, and More
- Reinventing Indian Financial Ecosystem with Cryptocurrencies | A Cyber Security Approach
- Data Protection - 5 real-time challenges businesses need to be prepared for.
- RBI’s Tokenisation Circular Latest Update – What do you need to know?
- What is Apache Log4j vulnerability (CVE-2021-44228) and how it can impact you?
- Fireside Chat with Jeff Vinson on Ransomware Resiliency
- Panel Discussion: Decoding RBI’s Circular on Tokenisation
- ISACA Singapore: Improving Resilience with Rapid Attack Remediation and Cyber Risk Management
- Panel Discussion: Breaking Down Data Leaks and Data Security
- Panel Discussion: Addressing the Rising Risk in Mobile and Internet Banking
- Webinar: MAS Revised Guidelines for Risk Management – Get Compliant and Stay Resilient
- Panel Discussion: Decoding RBI instructions on Card Payments Security
- Webinar: New RBI Guidelines – How it Affects Payment Gateways and Aggregators
- USA Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- SAARC Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- Webinar: Threat Hunting – A Quick Guide for Analyzing Dynamic Threat Environments
- Webinar: RBI Master Direction for Financial Institutions: Get your assessment done.
- Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- Webinar: Staying Resilient to Breaches and Ensuring PCI DSS Compliance
- PCI SSF is replacing PA DSS. What’s your next step?
- RBI’s Master Direction on Digital Payment Security Controls – Panel Discussion
- Preventing Human Errors in Cybersecurity
- 5 Power Tips to Ensure Cloud Security in 2021
- The Top 10 Cybersecurity Stories of 2020 | Lessons We Learnt
- Preventing a Ransomware Attack Is Within Our Reach
- Cyber risk is everywhere. Where to look and what to look for?
- Exploring PCI Software Security Standards Framework
- SISA’s Top 5 Forensic Driven Learnings – Report Launch and Panel Discussion
- The Complete Guide to Strengthen Incident Response Plan: Mitigating the Current Day Threats
- Tackling End-Point Security Risks with Risk Assessment
- CyberSec Code Black – MDR to Rescue
- Work-from-Home: Implications & Strategies to Remain Compliant with PCI Standards
- The Jack of Payment Card Industry – PCI PIN Security
- Evolving Payment Security Standards – Expectation and Implications
- PCI Software Security Standards Framework, an evolution away from PA DSS
- Lessons Learned from Data Breaches in 2018
- Nine Yards of PCI PIN Security Requirements
- How to secure Mobile Payment Application
- Integrating PCI Compliance with HIPAA
- Decoding Key Management for PCI DSS
- Risk Analysis for HIPAA: Tool for Optimal Security
- Panel Discussion | Future of Digital Risk Management for Financial Institutions
Events
- SISA’s SecureXchange: The CISO meet on Ransomware Mitigation and Data Privacy
- SISA at 2023 North America PCI Community Meeting
- CISO Roundtable: Strengthening Cyber Defenses in the Face of Ransomware
- SISA at the 15th edition of the DSCI Best Practices Meet 2023
- Stay ahead with SISA’s forensics-driven cybersecurity solutions at RSA 2023
- SISA at the 3rd Annual CyberX Qatar Summit 2023
- SISA’s Forensics Learning Session - Cambodia
- SISA at NASSCOM-DSCI's 17th Annual Information Security Summit 2022
- Learn, Network, and Share on How to ‘Defend against ransomware attacks’ at the Arab International Cybersecurity Summit 2022
- SISA at the 21st World Congress of Accountants (WCOA) 2022 - Mumbai
- SISA at the 14th edition of the DSCI BEST PRACTICES MEET 2022
- Dharshan Shanthamurthy, Founder & CEO at SISA speaks at NASSCOM - DSCI's Cybersecurity Landscape for SMEs & Best Practices.
- SISA at 2022 North America PCI Community Meeting
- SISA at the Gulf Information Security Expo & Conference (GISEC) 2022, Dubai
- Payment Data Breach Live Simulation – Bangalore
- Payment Data Breach Live Simulation – Doha
- Payment Data Breach Live Simulation – Chennai
- SISA exhibits at Seamless Summit Asia 2019, Singapore
- SISA exhibits at PCI SSC 2019 North America Community Meeting, Canada
- SISA exhibits at PCI SSC 2019 Europe Community Meeting, Ireland
- SISA exhibits at PCI SSC 2019 Asia-Pacific Community Meeting, Australia
- VISA Security Summit – What COVID-19 has revealed about remote PCI DSS Implementation?
- Attend PCI SSC 2021 Global Community Forum
- SISA at DSCI’s 16th Annual Information Security Summit 2021
Weekly Threat Watch
- Critical zero-day in Google Chrome sparks urgent patch
- DDoS attacks on IoT devices skyrocket in 2023
- Fake Telegram apps infect 10 million users with spyware
- New SuperBear trojan emerges in targeted phishing attacks
- JPCERT warns of new 'MalDoc in PDF' attack technique
- Zimbra email users face targeted credential theft attacks
- Rhysida ransomware group strikes healthcare institutions
- DDoS attacks by Bangladesh hacktivists target Indian infrastructure
- Abyss Locker ransomware targets VMware ESXi with Linux variant
- Akira ransomware strikes with devastating data extortion tactics
- AI-driven BEC attacks surge with new WormGPT tool
- TOITOIN Trojan targets Latin American businesses in a multi-stage attack
- Hackers exploit unpatched flaw in WordPress' Ultimate Member plugin
- MULTI#STORM campaign uses RATs to target India and the U.S.
- New supply chain attack exploits abandoned AWS S3 buckets
- Hackers target financial giants via AiTM phishing and BEC attacks
- Anonymous Sudan claims DDoS attacks on MS Outlook
- Lazarus hackers target vulnerable Windows IIS web servers
- FIN7 hackers return with Clop ransomware attacks
- Leaked Babuk source code sparks 9 different ransomware strains
- LockBit 3.0 leaks 600 GB of stolen data in a ransomware attack
- APT28 uses fake ‘Windows Update’ guides to steal information
- New SLP vulnerability enables amplified DDoS attacks
- Google releases patches for Chrome zero-day vulnerability
- Anonymous Sudan hacktivists target websites with DDoS attack
- Hackers exploit WordPress Elementor Pro vulnerability
- Clop abuses zero-day for a mass-ransomware attack
- YoroTrooper targets government organizations with espionage campaigns
- BatLoader distributes malware via Google Ads
- Microsoft releases patches for a vulnerability in MS Word
- GoDaddy gets breached in a multi-year campaign
- MyloBot malware targets Windows systems worldwide
- Microsoft fixes 3 zero-day vulnerabilities and 77 flaws
- A 9.4 CVSS score security vulnerability unearthed in Jira Server and Data Center
- Phishing campaigns via Google Ads target password managers to steal vault credentials
- Threat actors compromise machines and web servers with Golang-based malware and C2 framework
- Hackers spread Vidar and IcedID malware through cloned websites and targeted phishing attacks
- Blind Eagle and StrongPity hackers use sophisticated attack techniques to deploy malware
- YouTube bot and BitRAT malware trick users to steal sensitive information
- SISA Weekly Threat Watch - January 02nd, 2023
- SISA Weekly Threat Watch - December 26th, 2022
- SISA Weekly Threat Watch - December 19th, 2022
- SISA Weekly Threat Watch - December 12th, 2022
- SISA Weekly Threat Watch - December 05th, 2022
- SISA Weekly Threat Watch - November 28th, 2022
- SISA Weekly Threat Watch - November 21st, 2022
- SISA Weekly Threat Watch - November 14th, 2022
- SISA Weekly Threat Watch - November 07th, 2022
- SISA Weekly Threat Watch - October 31st, 2022
- SISA Weekly Threat Watch - October 24th, 2022
- SISA Weekly Threat Watch - October 17th, 2022
- SISA Weekly Threat Watch - October 10th, 2022
- SISA Weekly Threat Watch - October 03rd, 2022
- SISA Weekly Threat Watch - September 26th, 2022
- SISA Weekly Threat Watch - September 19th, 2022
- SISA Weekly Threat Watch - September 12th, 2022
- SISA Weekly Threat Watch - September 5th, 2022
- SISA Weekly Threat Watch - August 29th, 2022
- SISA Weekly Threat Watch - August 22nd, 2022
- SISA Weekly Threat Watch - August 15th, 2022
- SISA Weekly Threat Watch - August 8th, 2022
SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive, detective, and corrective cybersecurity solutions. Our problem-first, human-centric approach helps businesses strengthen their cybersecurity posture.
Industry recognition by CREST, CERT-In and PCI SSC serves as a testament to our skill, knowledge, and competence.
We apply the power of forensic intelligence and advanced technology to offer true security to 2,000+ customers in 40+ countries.
