Risk Management December 21, 2022

Don’t Wait to Embrace CISA’s Vulnerability Management Rules

4 min read - Vulnerability management is the time-consuming process of finding and patching a seemingly unlimited number of potential risks. The National Institute of Standards and Technology (NIST) reports more than 23,000 new vulnerabilities for 2022, where more than 17,000 are classified as…

Intelligence & Analytics March 16, 2022

IOCs vs. IOAs — How to Effectively Leverage Indicators

4 min read - Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs)…

Software Vulnerabilities November 16, 2021

Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform

4 min read - In an age where organizations have established a direct dependence on software to run critical business operations, it’s fundamental that they are evaluating their software development lifecycles and that of their extended environment — third-party partners — against the same…

Application Security October 27, 2021

Why Containers in the Cloud Can Be An Attacker’s Paradise

4 min read - Containers — which are lightweight software packages that include entire runtime environments — have solved the issues of portability, compatibility and rapid, controlled deployment. Containers include an application; all its dependencies, libraries and other binaries; and configuration files needed to…

Intelligence & Analytics July 15, 2021

Vulnerability Management: How a Risk-Based Approach Can Increase Efficiency and Effectiveness

3 min read - Security professionals keep busy. Before you can patch a vulnerability, you need to decide how important it is. How does it compare to the other problems that day? Choosing which jobs to do first using vulnerability management tools can be…

Intelligence & Analytics April 8, 2021

How Vulnerability Management Can Stop a Data Breach

3 min read - Vulnerability management may not be the sexiest topic. But, while buzzier topics are certainly important, vulnerability management may just be the key to an effective data security strategy. According to a Ponemon Institute report, 42% of nearly 2,000 surveyed IT…

Software Vulnerabilities August 17, 2020

New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud

4 min read - X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in other words, hybrid multicloud. The report, “The State of Vulnerability Management in the Cloud and On-Premises,”…

Software Vulnerabilities August 6, 2020

Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away

5 min read - Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock still remains a threat to enterprise.   The threat is certainly less risky…

Data Protection July 28, 2020

What’s New in the 2020 Cost of a Data Breach Report

6 min read - In a world of uncertainty and change, it’s a comfort that some things are consistent year after year. Now in its 15th year, the annual Cost of a Data Breach Report, with research by the Ponemon Institute and published by…

Software Vulnerabilities May 20, 2020

Take a Bite Out of Sweyn

4 min read - If you work in the healthcare industry, you may have heard about a family of vulnerabilities called "SweynTooth." But how serious is SweynTooth, and what should hospitals be doing to minimize risk?