Information Security Blog

Welcome to our Information Security blog!

This blog is for CIOs, managers, and security professionals who are looking to enhance their cybersecurity posture. Stay updated on emerging kinds of cybersecurity threats, cyber protection methods, and various security testing types by reading short and informative articles from our ethical hackers and security consultants.

All the articles are based on our hands-on experience in providing security and compliance services to businesses in 30+ industries, including healthcare, BFSI, retail, manufacturing, and telecoms. Bookmark to stay on top of the latest cybersecurity trends!

Serguei Tchesnokov

Information Security

Indicators of Compromise: Their Role in a Company’s Information Security

What role do indicators of compromise play in a company’s information security? ScienceSoft answers the question.

Nov 3, 2017

Ulad Murashka

Cybersecurity Expert, CEH

Information Security

Source Code Review vs. Penetration Testing for Web Application Security

Learn about source code review and penetration testing. The two approaches help to assess a web application’s security.

Sep 28, 2017

Ulad Murashka

Cybersecurity Expert, CEH

Information Security

Different Types of Penetration Testing and Why You Need Them

Information security providers usually offer several types of penetration testing: black box, white box and gray box. What is the backbone of each type? What are the advantages and disadvantages? Let’s take a closer look.

Sep 8, 2017

Serguei Tchesnokov

Information Security

Traffic Pattern Analysis Inside Out

A guide to the abilities and limitations of network traffic pattern analysis to detect APT and other security threats.

Aug 12, 2017

Dmitry Nikolaenya

Cybersecurity Expert

Information Security

Magic Out-of-the-Box – Does It Apply to SIEM Solutions?

Our information security consultants give you the checklist to decide whether to replace or just upcycle your out-of-the-box SIEM system

Jun 6, 2017

Dmitry Nikolaenya

Cybersecurity Expert

Information Security

No Wanna – No Cry or the Ways to Prevent Ransomware Attacks

There are ways to prevent or, at least, minimize the harm of WannaCry or suchlike attacks, as experts providing information security consulting say.

May 30, 2017

Serguei Tchesnokov

Information Security

Detecting APT Activity with Network Traffic Analysis

APT protection has recently become a byword as thousands of organizations keep facing network intrusions. The article focuses on network traffic analysis as a major means to detect advanced persistent threats.

May 26, 2017

Dmitry Nikolaenya

Cybersecurity Expert

Information Security

What Can Go Wrong with SIEM Correlation Rules?

Four issues with SIEM correlation rules may make your security system vulnerable to potential cyber threats. The following article describes them in detail.

May 11, 2017

Dmitry Nikolaenya

Cybersecurity Expert

Information Security

Information Security Breaches? - Security Event Sources to Blame

Sometimes, SIEM system is not a pillar of network security. Unless addressed timely, problems with event sources may put it at considerable risk.

May 2, 2017

Dmitry Nikolaenya

Cybersecurity Expert

Information Security

How SIEM Helps to Reveal Ransomware in the Workplace, and Why Go For It

Ransomware is a burning issue for businesses. Here’s the guide to enable its detection with SIEM technology.

Feb 1, 2017

Serguei Tchesnokov

Information Security

Chasing Spyware with a SIEM Solution to Pull the Plug on an APT

A guide to why and how to detect spyware for taking on an APT in a corporate network with a SIEM system.

Jan 23, 2017

Serge Pukhaev

Project Manager, IoT Expert, ScienceSoft

Maintaining Proper Fleet Cybersecurity Balance

Internet of Things

Information Security

Fleet Management

Transportation & Logistics IT

Maintaining Proper Fleet Cybersecurity Balance

What level of fleet cybersecurity is adequate enough? How to design a proper piece of cybersecurity legislation? We will try to find the answers.

Nov 26, 2016