Vulnerability Analysis - Security Intelligence

A team of penetration testing specialists.

article

Penetration Testing Versus Red Teaming: Clearing the Confusion

There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.

May 1, 2019 | By Chris Thompson

article

IT professionals conducting a vulnerability assessment.

article

Vulnerability Assessments Versus Penetration Tests: A Common Misconception

Vendors, cybersecurity professionals and marketing teams often use the terms "penetration testing" and "vulnerability assessment" interchangeably, mixing two completely different security engagements.

March 22, 2019 | By Abby Ross

article

IT professionals using vulnerability management software.

article

How Patch Posture Reporting Improves Security Landscapes

If your vulnerability management tools do not report on your company's patch posture, you may be missing crucial holes in your software that are ripe for exploitation.

March 15, 2019 | By I-Lung Kao

article

Two colleagues working as part of a PSIRT.

article

Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough

Your CSIRT protects your organizational network, but who secures your products? It may be time you started a PSIRT at your company.

December 17, 2018 | By Koen Van Impe

article

news

Taking Action to Secure Our IBM Cloud Kubernetes Service Against Recent Kubernetes Security Vulnerabilities

IBM Cloud Kubernetes Service is affected by recent vulnerabilities that could allow unauthorized access to Kubernetes and/or trusted user privilege escalation. Here's how to mitigate the risk.

December 6, 2018 | By Security Intelligence Staff

news

Illustration of a businesswoman running along a broken chain: Drupalgeddon

article

Threat Actors Prey on Drupalgeddon Vulnerability to Mass-Compromise Websites and Underlying Servers

X-Force observed attackers using known Drupal vulnerabilities, including Drupalgeddon, to target websites and the underlying infrastructure that hosts them, leveraging Shellbot to open backdoors.

October 10, 2018 | By Noah Adjonyo

article

A woman reading a document on a laptop: security vulnerabilities

news

Researchers Find 18 Security Vulnerabilities in Foxit PDF Reader

A free browser plugin for creating, editing and viewing PDF files contains 18 security vulnerabilities that could expose users to remote code execution.

October 8, 2018 | By Shane Schick

news

A team meeting of security and business professionals: data risk management

article

The Wild West of Data Risk Management in the Age of Cloud, Mobile and Digital Transformation

In today's rapidly evolving security environment, it's imperative for organizations to establish a formal data risk management program that does more than just check the boxes.

October 3, 2018 | By Paula Musich

article

A woman using a desktop computer at night: open source

article

Maximize the Power of Your Open Source Application Security Testing

To secure products that use open source components, organizations must first take stock of how much of this code they are using in their products.

September 26, 2018 | By Rami Sass

article

A security professional using a digital tablet in a data center: vulnerability management process

article

New Gartner Report Recommends a Vulnerability Management Process Based on Weaponization and Asset Value

Gartner's new report recommends factoring severity, asset value and active exploits into your vulnerability management process.

September 13, 2018 | By Abby Ross

article

Many of Baltimore’s City Services Still Offline Two Weeks After Ransomware Attack

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Phishing Campaign Delivers Multi-Feature, Open-Source Babylon RAT

More Than 100 US Businesses Affected by Ryuk Ransomware Since August 2018, Finds FBI

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Penetration Testing Versus Red Teaming: Clearing the Confusion

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast: ‘You Can Never Have Too Much Encryption’

Podcast: Automating Cyber Resilience Best Practices With Dr. Larry Ponemon

Webinar: Guardium Tech Talk: An Integrated Approach to Data Risk Management

Webinar: The Debrief: Using Tools and Methods From the Intelligence Community to Stop Threats to Your Organization

Webinar: Operational Technology Security in the Age of Digital Transformation

Webinar: Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on the Cyber Resilient Organization

Tag: Vulnerability Analysis

Penetration Testing Versus Red Teaming: Clearing the Confusion

Vulnerability Assessments Versus Penetration Tests: A Common Misconception

How Patch Posture Reporting Improves Security Landscapes

Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough

Taking Action to Secure Our IBM Cloud Kubernetes Service Against Recent Kubernetes Security Vulnerabilities

Threat Actors Prey on Drupalgeddon Vulnerability to Mass-Compromise Websites and Underlying Servers

Researchers Find 18 Security Vulnerabilities in Foxit PDF Reader

The Wild West of Data Risk Management in the Age of Cloud, Mobile and Digital Transformation

Maximize the Power of Your Open Source Application Security Testing

New Gartner Report Recommends a Vulnerability Management Process Based on Weaponization and Asset Value