SSVC: Prioritization of vulnerability remediation according to CISA
Given that 2021 was a record year for new vulnerabilities published and threat actors became better at weaponizing vulnerabilities, timely and well-judged vulnerability …
vulnerability assessment
5 open-source vulnerability assessment tools to try out
A vulnerability assessment is a methodical examination of network infrastructure, computer systems, and software with the goal of identifying and addressing known security …
Mind the gap: How to ensure your vulnerability detection methods are up to scratch
With global cyber crime costs expected to reach $10.5 trillion annually by 2025, it comes as little surprise that the risk of attack is companies’ biggest concern globally. To …
The security gaps that can be exposed by cybersecurity asset management
Cybersecurity asset management does not come with the excitement following the metaverse, blockchain, or smokescreen detection technologies, but it is essential for the …
Product Showcase: Acronis Cyber Protect
Considering the breadth and diversity of attacks facing today’s organizations, it’s no wonder cybersercurity and IT professionals are relying on an ever expanding arsenal of …
Researchers develop program that helps assess encryption systems’ vulnerabilities
Anastasia Malashina, a doctoral student at HSE University, has proposed a new method to assess vulnerabilities in encryption systems, which is based on a brute-force search of …
Lack of visibility into IT assets impacting security priorities
Axonius released a report which reveals the extremes to which the pandemic escalated lack of visibility into IT assets and how that is impacting security priorities. According …
MythBusters: What pentesting is (and what it is not)
You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security …
When it comes to vulnerability triage, ditch CVSS and prioritize exploitability
When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …
How important are vulnerability management investments for a cybersecurity posture?
Vulnerability management (VM) technology addresses the threat landscape, which is in a constant state of flux. The wider dispersal of endpoints across private and public cloud …
HP expands its Bug Bounty Program to focus on office-class print cartridge security vulnerabilities
HP has expanded its Bug Bounty Program to focus specifically on office-class print cartridge security vulnerabilities. The program underscores HP’s commitment to delivering …
Review: ThreadFix 3.0
Maintaining a strong organizational security posture is a demanding task. Most best practices – e.g. CIS Controls, the OWASP Vulnerability Management Guide – …