Shellshock and Future Vulnerabilities - Buying Precious Time
By: Dell EMC
Download this next:
Vulnerability management trends for 2024
By: JFrog
Type: Research Content
44% of organizations have a formal vulnerability management program in place internally, with 28% of organizations identifying 100 or more vulnerabilities each month.
These findings and more are from Dark Reading’s The State of Vulnerability Management Report.
Read the report here.
These are also closely related to: "Shellshock and Future Vulnerabilities - Buying Precious Time"
-
CrowdStrike vs. Rapid7 vs. Tenable for risk-based vulnerability platforms
By: CrowdStrike
Type: Analyst Report
Risk-based vulnerability management (RBVM) platforms were developed to help customers prioritize vulnerabilities because scan results show, shockingly, hundreds of thousands of vulnerabilities for the largest organizations.
The huge numbers are discouraging, and security teams do not know where to even start resolving them. Risk-based platforms help customers focus on the vulnerabilities that present the greatest risk to the organization when customized to them.
Read this IDC MarketScape report to compare 15 RBVM platforms—including CrowdStrike, Rapid7, Tenable, and Ivanti—to find the platform most suitable for your organization.
-
Software bill of materials (SBOMs) — a critical component of software supply chain security
By: Tanium
Type: White Paper
Many software providers build their applications by relying on open-source and commercial software components. In November 2022, open-source toolkit developers announced two high-severity vulnerabilities that affect all versions of OpenSSL 3.0.0 up to 3.0.6. Vulnerabilities like this will continue to occur.
So how should organizations prepare? One of the most effective tools for finding and addressing such vulnerabilities, and keeping software secure, is the software bill of materials (SBOM).
Find more content like what you just read:
-
How Do Vulnerabilities Get into Software?
By: Veracode, Inc.
Type: White Paper
Despite the best efforts of IT security teams, vulnerabilities in applications are bound to happen. In fact, research shows that 3 out of 4 apps produced by software vendors fail to meet security standards. Download this white paper to discover the 4 most common causes that lead to software vulnerabilities and ensure your readiness.
-
Proactive Security: Software vulnerability management and beyond
By: TechTarget ComputerWeekly.com
Type: eGuide
In this e-guide we discover why modern security professionals are moving to a more pro-active approach to cyber defence, and how managing vulnerabilities is a key element of that.
-
AI-powered vulnerability management in action
By: CrowdStrike
Type: Video
Today’s organizations don’t have a malware problem, they have an adversary problem. Falcon Exposure Management delivers complete visibility to proactively defend against top adversaries that prey on prevalent vulnerabilities. Watch this video to see the AI-powered vulnerability management solution in action.
-
Top 10 IT security stories of 2018
By: TechTarget ComputerWeekly.com
Type: eGuide
The discovery of the Meltdown and Spectre microprocessor vulnerabilities, and several similar vulnerabilities in the months that followed, were probably the single most challenging developments for enterprise IT security teams in 2018. Here's a look back over Computer Weekly's top 10 IT Security stories of 2018.
-
Live demonstration of Clarity xDome
By: Claroty
Type: Product Demo
OT vulnerabilities present a serious threat to organizations operating in industrial environments. In this video, Claroty Product Marketing Manager, Corey Burke, will walk you through a real-time demonstration of the Claroty xDome platform and how you can use it to manage vulnerabilities across industrial OT environments. Watch now to learn more.
-
How To Spend Less Time Fixing CVEs
By: JFrog
Type: eBook
In this eBook, you’ll learn how to transform your approach to CVE management and stay one step ahead in your software supply chain security. Get your copy now.
-
A Vulnerability Manager’s Guide to Attack Surface Management
By: Palo Alto Networks
Type: White Paper
The shift to remote work has forced organizations into deploying more digital infrastructure than ever before, rapidly increasing the attack surface. This guide looks at attack surface management (ASM) from the viewpoint of vulnerability
-
Top 5 open-source components & their vulnerabilities
By: Sonatype
Type: White Paper
Software dependencies can equal open-source vulnerabilities. To empower your developers in leveraging open-source components while mitigating risk, read this white paper. Inside, Sonatype evaluates the top 5 open-source components, their vulnerabilities, and remediation recommendations.
-
What a vulnerability & patch management service can provide
By: Novacoast
Type: Product Overview
Download this overview to learn about maturing your security program by leveraging a vulnerability and patch management service.
-
Even fintech startups battling to meet cyber security skills
By: TechTarget ComputerWeekly.com
Type: eGuide
A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge
-
Vulnerability assessment in 2024: Compare leading vendors
By: CrowdStrike
Type: Gartner Research Report
As you evaluate the vulnerability assessment (VA) landscape, the thoughts and experiences of other customers – your peers – can be a valuable resource. To supply you with that resource, Gartner developed the 2024 “Voice of the Customer for Vulnerability Assessment” report. Dig in to unlock the insights in full.
-
Vulnerability assessment in 2024: Compare leading vendors
By: Adobe and Microsoft
Type: Video
As you evaluate the vulnerability assessment (VA) landscape, the thoughts and experiences of other customers – your peers – can be a valuable resource. To supply you with that resource, Gartner developed the 2024 “Voice of the Customer for Vulnerability Assessment” report. Dig in to unlock the insights in full.
-
Royal Holloway: Securing connected and autonomous vehicles
By: TechTarget ComputerWeekly.com
Type: Research Content
This article introduces connected and autonomous vehicles, analysing the underlying technologies and considering their cyber security vulnerabilities and attacks. We identify and assess the existing and emerging countermeasures for such vulnerabilities, and propose high-level recommendations.
-
2024 threat report: 10 vulnerabilities to watch out for
By: Arctic Wolf
Type: Research Content
Security pros, what vulnerabilities should you be on the lookout for in 2024? In Arctic Wolf Labs’ 2024 threat report, learn about 10 top vulnerabilities and how you can mitigate threats.
-
Achieve risk-based vulnerability management
By: AT&T Cybersecurity
Type: White Paper
Information overload challenges from data and threats can overwhelm cybersecurity professionals, causing many to unwisely skip vulnerability mitigation. Consequently, some organizations are operating at unacceptably high levels of risk. Read this guide to understand the framework of a modern, risk-based vulnerability management program.
-
Supporting vulnerable customers
By: FourNet
Type: White Paper
According to the FCA Financial Lives survey, 24.9m adults in the UK, or 47% of the population, have one or more characteristics that classify them as vulnerable. The aim of this whitepaper is to contextualize the scale of the issue and provide actionable steps to better understand and treat this important customer segment. Read on to learn more.
-
How E.ON defends their extensive attack surface
By: Ionix
Type: Case Study
Serving 53 million customers, the assets owned and managed by E.ON presented an attack surface so large they could no longer defend it effectively. E.ON partnered with Ionix, and used their Ecosystem Security platform to pre-emptively act on vulnerabilities. Read on to learn more.
-
Building a Micro-Segmentation Strategy in 5 Steps
By: Illumio
Type: White Paper
Download this white paper to learn how to build an effective micro-segmentation strategy, including identifying high-value assets, mapping your application dependencies and enriching them with vulnerability data, understanding the types of segmentation for security, and more.
-
Floor & Decor ensures comprehensive and efficient security with Contrast Security
By: Contrast Security
Type: Case Study
By using Contrast Security solutions, Floor & Décor has been able to better identify, remediate, and avoid potentially impactful security events such as the Log4j/Log4Shell incident. In fact, the company’s applications were protected from the vulnerability even before it was publicly known. Access the case study to learn more.
-
False cents of security: The price of being compromised
By: TechTarget ComputerWeekly.com
Type: eGuide
Trying to guard against everything from frequently phished users to applications with flimsy security, information security professionals are fending off these threats from all angles. Learn more in this infographic about the anatomy of data breach costs and where enterprises are most vulnerable.
-
Same cyberthreat, different story
By: ServiceNow
Type: eBook
Organizations like yours are reducing the cost and chaos of vulnerability management by orchestrating an automated response across IT asset management, risk and security. Read this story for a real, practical example of how it's done, helping you stay ahead of the latest cyberthreats and drive continuous improvements.
-
CW ASEAN November 2016
By: TechTarget Security
Type: Ezine
Small businesses in the ASEAN region could unknowingly be allowing hackers to access large corporate networks.
-
Security and risk management in the wake of the Log4j vulnerability
By: Tanium
Type: eBook
Read this e-book to get a quick refresher on the Log4j vulnerability and its threat, the longer-term issues of software management, compliance risks, and threat hunting — and how security and risk teams should rethink their roles and processes as a result.
-
5G vs. Wi-Fi 6: What's the difference?
By: TechTarget ComputerWeekly.com
Type: Infographic
Although both patch and vulnerability management are intertwined, they differ in critical ways, and it's important to have tools and processes for executing both. Here's a deep dive into their differences, the important places they overlap and software options for automating them.
-
Securing your software supply chain
By: TechTarget ComputerWeekly.com
Type: eGuide
Organisations need to have a thorough understanding of software components and build security controls into development lifecycles to shore up the security of their software supply chains. Learn how software supply chain security can combine risk management and cybersecurity to help protect your organisation from potential vulnerabilities.
-
Cyber risks in maritime container terminals: Analysis of threats and simulation of impacts - updated
By: TechTarget ComputerWeekly.com
Type: Essential Guide
This article in our Royal Holloway Security series explains why container terminals are vulnerable to cyber attacks, and recommends a technique for identifying and prioritising those vulnerabilities.
-
Augmenting Cybersecurity Defenses With Managed Services
By: LRS IT Solutions
Type: Product Overview
With the cyber landscape brimming with threats, your organization may require some help augmenting your defenses. In this overview, learn about managed services for SIEM, vulnerability scanning and much more.
-
What to do when a zero-day attack strikes
By: Palo Alto Networks
Type: Webcast
Picture this: A known vulnerability has been discovered in your network, but there is no known exploit code. You are now facing a race against time to remediate this emerging threat before it does considerable damage. Watch this webinar to see how a security expert assesses this troubling situation and remediates a zero-day exploit live in action.
-
Application security: best practices and risks
By: TechTarget ComputerWeekly.com
Type: eGuide
Security professionals need to anticipate vulnerabilities from all the right perspectives, and that means testing apps for flaws on a regular basis, whether that means monthly, quarterly or following updates. Check out this e-guide, which includes application security best practices, threat identification and security testing tips.
-
Passwordless security: 101 lesson
By: Portnox
Type: Blog
As they spot vulnerabilities in their password-based security models, many organizations have adopted a new security approach: passwordless. For an introduction to passwordless security, take a look through this article.
-
4 major threats to watch out for in 2024
By: SecurityHQ
Type: Research Content
As you move through the second half of 2023, what cyberthreats and trends should you look out for? To answer that question, this report by SecurityHQ breaks down four major threats. Read on to unlock these insights and six recommendations for augmenting your security posture.
-
How Can Healthcare Protect Against Zero-Day Attacks and What Does It Mean?
By: XtelligentMedia Healthcare
Type: eGuide
Zero-day attacks pose significant dangers to the healthcare sector, but defenders can mitigate risk by patching early and often.
-
Computer Weekly – 25 July 2023: Getting comfortable with data
By: TechTarget ComputerWeekly.com
Type: Ezine
In this week's Computer Weekly, we talk to the head of IT at furniture retailer DFS about building trust in data. The vulnerabilities in MOVEit software continue to attract new victims – we assess the impact of the breaches. And we find out how online investigators are trawling social media to gather evidence of war crimes. Read the issue now.
-
Zero trust verification and validation
By: Forward Networks
Type: White Paper
Open this use case to learn how to access a single source of truth for the network to continuously verify and validate the zero-trust architecture and prove network behavior.
-
Assessing your network-security posture: 6 considerations
By: Palo Alto Networks
Type: Research Content
With advanced threats crowding the cyber landscape, how can you secure your dispersed workforce? This research report by Palo Alto Networks’ Unit 42 unpacks 6 components of a strong network-security posture. Keep reading to discover those insights – and much more.
-
The Issue With Open-Source Code Utilization
By: Nexum
Type: Blog
Due to ongoing geopolitical events, some individuals have begun to “poison” major open-source projects to try to cause damage. Access this blog article to learn about complications with open-source code utilization.
-
Securing hybrid work with Windows 11 Pro devices
By: Connection
Type: Blog
75% of executive decision makers in security believe hybrid work migration leaves their organization more vulnerable to threats. Fortunately, Windows 11 Pro devices are well-suited to combat these new challenges with simple deployment and advanced security protections. Read this blog to learn more.
-
Guide to the dangers of third-party threats
By: Ionix
Type: White Paper
Modern applications are overly reliant on third-party services and content. As a result, security compromises resulting from third-party vulnerabilities have seen a marked increase. Download this white paper to unlock an in-depth look at how you can use an attack surface management (ASM) solution to protect your applications.
-
CrowdStrike found a 288% increase in cloud environment targeting
By: CrowdStrike
Type: White Paper
Cloud environments are more vulnerable than ever before, and you need a solution that can mitigate attacks faster than hackers can execute them. Download this white paper to learn how you can secure your cloud environment with Falcon Cloud Security.
-
How Does Penetration Testing Work?
By: Novacoast
Type: Product Overview
In the increasingly challenging cyber threat landscape, you must identify and remedy any security weaknesses in order to protect your business. Penetration testing can help you on your path to a stronger security posture. Learn about the seven components of a penetration testing service in this overview.
-
The Ultimate Guide to Ransomware Defense: How to prevent system lockdowns, maintain operations and reduce the likelihood of suffering an attack
By: Tanium
Type: Resource
Read the Ultimate Guide to Ransomware Defense to learn how to prevent system lockdowns, maintain operations, and reduce the likelihood of suffering an attack.
-
Computer Weekly - 21 December 2021: What is Log4Shell - and why the panic?
By: TechTarget ComputerWeekly.com
Type: Ezine
In this week's Computer Weekly, we assess the risks from Log4Shell, a new web software vulnerability described as "catastrophic". We look at SASE – secure access service edge – which is set to be one of the networking priorities for 2022. And some victims of the Post Office IT scandal are still waiting for proper compensation. Read the issue now.
-
Build an effective API security strategy with this guide
By: Software AG
Type: White Paper
95% of companies have had an API security incident in the past 12 months, with API attack traffic growing by 681%. So, how do you develop an effective API security strategy to combat this? Dive into this whitepaper to get started.
-
CrowdStrike Falcon Exposure Management interactive demo
By: CrowdStrike
Type: Product Demo
According to Enterprise Security Group (ESG), 76% of organizations experience attacks due to an unknown asset. To prevent this from happening in your company, CrowdStrike Falcon Exposure Management provides comprehensive attack-surface visibility. Access your interactive demo of CrowdStrike Falcon here.
-
Security needs to be calculated into the foundation of building design
By: Brivo
Type: Webcast
With most security discourse concerned with defending your business-critical data and other digital infrastructure, it can be easy to lose sight of where your organization is most vulnerable: its physical location. Watch the webcast to learn why security needs to be calculated into the foundation of building design.
-
Information Risk Management – Expectations Versus Reality
By: Tanium
Type: White Paper
Many businesses have identified a gap between their ideas of information risk management strategies and the maturity of their implementations. Through considering the experiences of 12 security professionals, the “Information Risk Management—Expectations Versus Reality” report explores this gap. Continue reading to unlock insights.
-
The exploitation of flaws in the HTTPS protocol
By: TechTarget ComputerWeekly.com
Type: Research Content
For both technical and non-technical users, the presence of "HTTPS" in a website URL will provide confidence to consider entering sensitive information such as bank or credit card details. However, even websites owned by the most reputable organisations may be exposed to attack if HTTPS is not properly implemented.