Written by Chua Woo HianFebruary 16, 2022DevSecOps with Checkmarx Have you ever encountered a situation whereby you are not able to deploy an application due to vulnerabilities in the codes? Remediation measures are generally time consuming and expensive when vulnerabilities are discovered in the later stages of the development cycle. Worst still, having a vulnerable code pushed to production could lead to exploitation causing downtime or data
Written by Kirti RajFebruary 9, 2022nSignBasic – The New Face of Document Signing With the plan of improving the lives of citizens and creating more opportunities, Singapore was progressing towards a Smart Nation by using digital technology to the fullest. However, the unforeseen pandemic arrival has forced many to transition to the digital world for continuity in everyday life. Many were fastened on the traditional method
Written by Steven CheahJanuary 19, 2022Going Passwordless! Removing the password effectively removes all password hacks The core concept of security in the enterprise, as well as elsewhere in society, is identity. Are you who you say you are and do you have a right to be here? When it comes to verifying identity, usernames and passwords are universally used log in to websites and applications. The
Written by Larry LeeJanuary 5, 2022Vulnerability remediation is often an uphill task for most organisations as they struggle to identify, prioritise and remediate them. In addition, due to the dynamic landscape in vulnerability discoveries by third party vendors. It has made it even more challenging for them to step into this massive area without causing them massive headaches or anxieties. To add on to the complexity
Written by Kirti RajDecember 29, 2021A common misconception people have is that once the user locks their computer with a password, all data is secure and not retrievable. But most users tend to overlook that if an individual learns of this password, all information is immediately readily available at hand. Somebody with malicious intent can easily access these files once the computer has been logged into
Written by Li WeichaoDecember 15, 2021Since the tightening of COVID curbs, working from home has been the default arrangement and more and more businesses and organizations have adopted work from home policies. Remote working has since become a new trend in the workplace, and accompanied by its unique cybersecurity challenges. What are the types of threats faced? Remote working is one of the fastest-growing types of
Written by Harpreet Singh KangDecember 1, 2021Introduction: From checking your CPF statements to logging into NS portal to book an IPPT session, every citizen or resident of this country is likely to have experienced Singpass authentication at least once. In fact, most probably use it on a regular basis. From a simple platform that provided basic authentication in its early days, Singpass has bloomed into a service
Written by Louis LimNovember 24, 2021Certificate management catches faulty, misconfigured, and expired certificates, then performs the following processes: Creating Purchasing Storing Disseminating Deploying Renewing Suspending Revoking Replacing A good certificate management system is capable of performing these actions for an entire certificate infrastructure, automatically and in real-time, to prevent downtime and outages. Why should organization care about Certificate Management? Many years ago, certificates are usually used
Written by Lai Yong XingNovember 17, 2021Interchangeable Signer You may be presented with requirements that allow multiple signers to sign on the same spot interchangeably. This may be the HOD and his deputy, or perhaps any member of a particular department is authorised to sign off on the document. This is similar to Parallel Signing covered in the previous article with the same pitfalls and in addition,
Written by Lai Yong XingNovember 10, 2021Sequential Signing This is the simplest use case; you have a document that needs to be signed by some signers in sequence and whose identities are known. Keeping and tracking the document mid-flow is also simple in a custom workflow system. This can be treated as one long transaction, or three different transactions all linked by some common ID. Parallel
