Please turn on your JavaScript for this page to function normally.

vulnerability management

DevSecOps
CISOs struggle to manage risk due to DevSecOps inefficiencies

As their hybrid and multicloud environments become more complex, and teams continue to rely on manual processes that make it easier for vulnerabilities to slip into production …

vectors
Study of past cyber attacks can improve organizations’ defense strategies

Ransomware operators have been increasingly launching frequent attacks, demanding higher ransoms, and publicly exposing victims, leading to the emergence of an ecosystem that …

security awareness
The era of passive cybersecurity awareness training is over

Despite increased emphasis on cybersecurity from authorities and high-profile breaches, critical gaps in vulnerability management within organizations are being overlooked by …

backup
Top 5 security risks for enterprise storage, backup devices

An average enterprise storage and backup device has 14 vulnerabilities, three of which are high or critical risk that could present a significant compromise if exploited, …

critical infrastructure
CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs

Organizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US …

patch
The future of vulnerability management and patch compliance

IT departments continue to face immense pressure to get vulnerability and patch management right as threat actors use new and old methods to exploit network endpoints. But are …

bug
70% of apps contain at least one security flaw after 5 years in production

Veracode revealed data that could save organizations time and money by helping developers minimize the introduction and accumulation of security flaws in their software. Their …

open source security
OSV-Scanner: A free vulnerability scanner for open-source software

After releasing the Open Source Vulnerabilities database (OSV.dev) in February, Google has launched the OSV-Scanner, a free command line vulnerability scanner that open source …

Intruder.io
Product showcase: The Intruder vulnerability management platform

Vulnerability scanning is a fundamental component of every good cyber security strategy – but it can be challenging to get right. Intruder created a vulnerability management …

Log4j
A year later, Log4Shell still lingers

72% of organizations remain vulnerable to the Log4Shell vulnerability as of October 1, 2022, Tenable‘s latest telemetry study has revealed, based on data collected from …

Oracle
Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)

A pre-authentication RCE flaw (CVE-2021-35587) in Oracle Access Manager (OAM) that has been fixed in January 2022 is being exploited by attackers in the wild, the …

CISA
SSVC: Prioritization of vulnerability remediation according to CISA

Given that 2021 was a record year for new vulnerabilities published and threat actors became better at weaponizing vulnerabilities, timely and well-judged vulnerability …

Don't miss

Cybersecurity news