Security Experts:

Mandeep Khera

Mandeep Khera is the Chief Marketing Officer at LogLogic. Prior to LogLogic, he was at Cenzic, a Web Application Security software and Cloud company, where he served as the CMO for 8 years. He has more than 25 years of diversified experience in marketing, engineering, business development, sales, customer services, finance and general management for companies such as VeriSign, Hewlett-Packard, Unisys, and many start-ups. You can follow him on Twitter at @appsecurity

Recent articles by Mandeep Khera

  • Merchants who are required to be PCI-DSS Compliant will have to get their validation under provisions of PCI-DSS 2.0 by December 31st, 2011. What are some of the key changes in PCI-DSS 2.0? Are you ready?
  • While SSL is a great technology to ensure that consumers’ browsers are communicating with the businesses’ servers in an encrypted manner, and ensuring that these are legitimate businesses, it doesn’t prevent the hacking of websites through vulnerabilities in Web applications.
  • I'm not sure how many people are aware of NCSAM because most are interested in news coming from Apple rather than cyber security. What can you do to protect your organization? And what can you pass along to your employees to help protect them while connected both in and outside of the office? Here are some things to consider.
  • For Cloud services, top concerns continue to be security, performance, and availability. The key security issues from customers’ point of view seem to be around security defects in the technology itself, unauthorized access to customer information, encryption, application security, identity management, virtualization security, etc.
  • So, what can your businesses do to protect against the increasing number of hacking attacks? You need to follow the ABCs of Web Application Security – Assessment, Blocking, and Correction of Vulnerabilities in the long-term. Here are some ideas on how to do that in more detail.
  • At best, companies are tinkering with their Web security issues instead of attacking them head-on. What more proof do we need that it’s a war out there? It’s time to wake up. Either you fight to protect your property or surrender and let looters take what they want.
  • A look at some of the existing regulations and why these haven’t been a driving force for organizations to improve security for their websites. We don’t necessarily need another new regulation but it’s time to update all the old standards to provide more clarity and enforcement guidelines around protecting Web infrastructure.
  • Hackers believe in equal opportunity and would attack any application that has security weaknesses in it. Why is it that in spite of all the risks, organizations are not taking extra measures to protect all their Web applications?
  • The IT industry in general loves acronyms because it’s generally appealing to geeks, but the information security space might even be slightly more obsessed with acronyms.
  • With network infrastructure only fairly secure, hackers are going after the weakest link. Here's how to raise the bar so hackers have to work harder to get through.