Firesec is a comprehensive solution for firewall rulebase analysis in medium to large enterprise environments. It addresses the problems inherent with large rule sets and helps purge and update a rule base as per network requirements. Firesec provides multiple functions such as removing redundant rules, grouping similar rules, and searching for vulnerable rule patterns.
Organizations invest large amount of money in building network infrastructures to support their business goals and objectives. With the increase in the number of users in an organization, managing the users and devices in the network and securing them has become complex thus making it difficult to deal with security issues.
The links below highlight some of the coolest projects we have done and showcase our abilities to innovate, ensure quality and deliver customer satisfaction:
The book talks about how to use Wireshark to analyze numerous attacks on network security, perform malware analysis and takes up CTF challenges and provide comprehensive solutions for them.
Vivek Mahajan from IIS Chandigarh center conducted the "Information Security Seminar" at Gulzar Group of Institutes on 25th February, 2015.
Institute of Information Security wins the “Education Leadership Award” at the 7th Innovative B-School awards presented by DNA
NII’s Founder and Principal Consultant Mr. K. K. Mookhey’s Candid interview on the SCIT Publications Reflections. Interview published here https://reflections.scit.edu/?p=2109
Senior Security Analyst Sunil Yadav get entry into March issue 2014 of Nokia Hall of Fame for reporting Web Service Authorization Issue in Nokia web application. Hall of Fame published here https://www.nokia.com/global/security/acknowledgements/
NII's senior security analyst Omair received acknowledgement from Microsoft security advisory for reporting Remote Code Execution vulnerability in Direct 2D. Advisory published here https://technet.microsoft.com/en-us/security/bulletin/ms14-007
NII's Manager (Assessment) Taufiq Ali got acknowledgement from Microsoft for his security finding in December 2013
NII's security analyst Shrikant Antre's article 'From SQL Injection to 0wnage Using SQLMap' published in recent issue of PenTest Magazine
Cookie Authentication Bypass Vulnerability in Tenda W309R Wireless Router "admin" reported by IIS Head Trainer & Security Researcher Sanoop Thomas. A vulnerability has been reported in Tenda W309R Wireless Router, which can be exploited by malicious people to bypass certain security restrictions.
IIS Head Trainer & Security Researcher Sanoop Thomas has successfully discovered & notified AspxCommerce Logo Module Arbitrary File Upload Vulnerability to Secunia Product. A vulnerability has been discovered in AspxCommerce, which can be exploited by malicious people to compromise a vulnerable system.
Our senior security analyst Omair is conducting workshop at ZeroNights 2013 infosec conference. Topic for workshop is Fuzzing Practical Applications.
NII's founder K.K.Mookhey & security analyst Rohit Salecha delivered presentation on 'Web Application Security – Getting Coders to Code Securely' at OWASP India 2013 conference. You can access the presentation from here.
Recently Security Assessments Team Lead of NII Omair reported three critical Internet Explorer Memory Corruption Vulnerabilities patched today by Microsoft. Vulnerabilities codes for reported bugs are CVE-2013-3118, CVE-2013-3124 & CVE-2013-3125. Click here to read bulletin on Microsoft Security TechCenter portal https://technet.microsoft.com/en-us/security/bulletin/ms13-047
NII's Network Intelligence has just been added to the list of official QSAs for India, Central Europe, Middle East and Africa! While we have been doing numerous PCI DSS and PA DSS consulting engagements, acquiring QSA status gives us the ability to also sign-off on the compliance levels of merchants, service providers and Banks.
NII's Tead Lead, Security Assessment Sunil Yadav received acknowledgment for reporting vulnerability in LinkedIn Authorization Read here Authorization Bypass on LinkedIn
NII Consulting's security assessment manager Taufiq Ali featured on Tech2 India Magazine article 'Upgrade your IT career – Skills you need'. Read here https://tech2.in.com/features/general/upgrade-your-it-career-skills-you-need/854622/0#story
Sunil Yadav, Security Researcher from InR Labs (Research & Development Wing of new/IIS) responsibly disclosed critical vulnerability in Microsoft SharePoint (CVE-2013-0083). Read here https://technet.microsoft.com/en-us/security/bulletin/ms13-024
SecurityByte 2011 is the India's largest security conference being held in Bangalore, India from September 6th - 9th. The idea is not only to share between each level but to understand some of the challenges each role has with the other. Much like any other conference, SecurityByte also has a CTF and exhibition area for vendors to connect with all these people so that not only can they hire people but also showcase and sell their products and services.
EDGE - Enterprises Driving Growth and Excellence (using IT) is an initiative by InformationWeek to identify, recognize and honour end-user companies in India that have demonstrated the best use of technology to solve a business problem, improve business competitiveness, and deliver quantifiable ROI to stakeholders.
We were most pleased when one of our marquee customers – Sharekhan Ltd. – won this award in Sep 2011. As the country’s leading online share trading firm, Sharekhan won this award in conjunction with Network Intelligence for their implementation of CodeSecure as a source code review solution, combined with regular penetration tests, trainings to the developer teams and implementation of secure design practices.
We were happy to organize this year’s successful event Web War CTF IV at the SecurityByte Conference 2011. To get the insight of this event, click here.
Our Principal Consultant, Mr. K. K. Mookhey is invited to speak at Interop 2011. The topic of discussion - "Advanced Persistent Threats".
