asset inventory
Balbix Guide to XZ Utils Backdoor
Executive Summary On March 29, 2024, developer Andres Freund reported the discovery of a backdoor in XZ Utils, affecting v5.6.0 and 5.6.1. XZ Utils, which provides compression tools for the .xz format, ...
Understanding Your Attack Surface: AI or bust
Creating an accurate inventory of an organization’s assets and applications while ensuring no duplicates or omissions is essential for any IT and security program. Security teams must understand vulnerabilities associated with their ...
What is a Shadow API? Understanding the risks and strategies to prevent their sprawl
Understand main Shadow API risks, and discover powerful strategies to curb Shadow API sprawl effectively ...
How Balbix Ensures Your Asset Inventory is Accurate and Complete
No Aggregation = Aggravation Having a broad range of security tools is necessary to ensure a strong security posture. Any good security strategy will have a diverse set of tools providing a ...
CISA Directs Federal Agencies to Boost System Visibility
The Cybersecurity and Infrastructure Security Agency (CISA) this week issued Binding Operational Directive (BOD) 23-01 to improve vulnerability detection and identify weaknesses in federal civilian agencies’ systems and networks. Dubbed “Improving Asset ...
The Reason You Need to Have Complete Visibility of all Your Assets and Security Controls
Putting together a jigsaw puzzle is a great way to spend the weekend. Looking at that complete picture in the end is a great feeling. But imagine getting to the end of ...
Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom
With millions working, learning and collaborating remotely due to COVID-19 challenges, there’s an explosion of remote endpoints running Zoom and other collaboration and productivity applications such as Outlook, Teams, Webex, Slack, Office ...
Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR
A severe vulnerability exists in Apache Tomcat’s Apache JServ Protocol. The Chinese cyber security company Chaitin Tech discovered the vulnerability, which is named “Ghostcat” and is tracked using CVE-2020-1938. The security issue ...
The Power of Remediating Vulnerabilities in Real-Time
Qualys is a sponsor of TechSpective Zero day exploits make for dramatic headlines, but the reality is that most cyberattacks—particularly the ones responsible for the biggest and most infamous data breaches—tend to ...
Qualys Brings Global IT Asset Discovery and Inventory App to Federal Government
Qualys is a sponsor of TechSpective There has been an increased focus this year on asset inventory and the idea that you can’t have effective cybersecurity if you don’t even have an ...
