There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.
Vendors, cybersecurity professionals and marketing teams often use the terms "penetration testing" and "vulnerability assessment" interchangeably, mixing two completely different security engagements.
If your vulnerability management tools do not report on your company's patch posture, you may be missing crucial holes in your software that are ripe for exploitation.
Your CSIRT protects your organizational network, but who secures your products? It may be time you started a PSIRT at your company.
Taking Action to Secure Our IBM Cloud Kubernetes Service Against Recent Kubernetes Security Vulnerabilities
IBM Cloud Kubernetes Service is affected by recent vulnerabilities that could allow unauthorized access to Kubernetes and/or trusted user privilege escalation. Here's how to mitigate the risk.
X-Force observed attackers using known Drupal vulnerabilities, including Drupalgeddon, to target websites and the underlying infrastructure that hosts them, leveraging Shellbot to open backdoors.
A free browser plugin for creating, editing and viewing PDF files contains 18 security vulnerabilities that could expose users to remote code execution.
In today's rapidly evolving security environment, it's imperative for organizations to establish a formal data risk management program that does more than just check the boxes.
To secure products that use open source components, organizations must first take stock of how much of this code they are using in their products.
New Gartner Report Recommends a Vulnerability Management Process Based on Weaponization and Asset Value
Gartner's new report recommends factoring severity, asset value and active exploits into your vulnerability management process.