5 Posts

Abby Ross

Advisory Lead, X-Force Red

Abby Ross is the Advisory Lead for X-Force Red, IBM Security's team of veteran hackers. Abby is a seasoned marketing and public relations professional, with a focus on cyber security. Abby specializes in understanding security challenges facing organizations worldwide and communicating how cyber security technologies and services can help overcome them.

Written By Abby Ross

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.

Vulnerability Assessments Versus Penetration Tests: A Common Misconception

Vendors, cybersecurity professionals and marketing teams often use the terms "penetration testing" and "vulnerability assessment" interchangeably, mixing two completely different security engagements.

Calling Into Question the CVSS

X-Force Red believes vulnerabilities should be ranked based on the importance of the exposed asset and whether the vulnerability is being weaponized by criminals, not necessarily its CVSS score.

How Secure Are Medical IoT Devices? Catherine Norcom Has Her Finger on the Pulse of the Industry

We chatted with X-Force Red's resident hardware hacker, Catherine Norcom, about the FDA's recent guidance on securing medical IoT devices.

New Gartner Report Recommends a Vulnerability Management Process Based on Weaponization and Asset Value

Gartner's new report recommends factoring severity, asset value and active exploits into your vulnerability management process.