What’s New and Changing in the World of Vulnerability Management?

According to CIS, “Organizations that do not scan for vulnerabilities and proactively address discovered flaws face a significant likelihood of having their computer systems compromised.” While vulnerability management (VM) isn’t new, I’ve ...

The 7 Habits of Highly Effective Vulnerability Management

On the surface, vulnerability management (VM) is nearly ubiquitous. If you ask someone whether their organization has VM, the vast majority will reply in the affirmative. In fact, Tripwire asked that very ...

Climbing the Vulnerability Management Mountain

The purpose of this series of blogs is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work ...

Exim MTA Vulnerability (The Return of the WIZard – CVE-2019-10149)

Last week, Qualys issued a security advisory for a vulnerability we discovered during a code review of Exim. This vulnerability can lead to Remote Command Injection, and is currently being actively attacked ...

June 2019 Patch Tuesday – 88 Vulns, 21 Critical, Hyper-V Escape, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 88 vulnerabilities with 21 of them labeled as Critical. Of the 21 Critical vulns, 17 are for scripting engines and browsers, and 3 are potential hypervisor ...

Steps for Successful Vulnerability Management: Lessons from the Pitch

When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and ...

Vulnerability Management in DevOps-style IT?

As we mentioned here, the team (primarily Augusto and Anna, really) have started a project related to vulnerability management (VM) in “modern” (emerging, new, novel – the term matters not here) IT ...
Larry Bianculli

Pen Test vs. Vulnerability Assessment: Which is Right for my Organization?

The post Pen Test vs. Vulnerability Assessment: Which is Right for my Organization? appeared first on CCSI ...
More than 1 in 4 have been breached

Unpatched Vulnerabilities Caused Breaches in 27% of Orgs, Finds Study

In May 2019, Verizon Enterprise released the 12th edition of its Data Breach Investigations Report (DBIR). Researchers analyzed a total of 41,686 security incidents, of which there were 2,013 data breaches, for ...

Is Vulnerability Management Hopeless?

As card-carrying “cyber” security professionals, we have a compulsion to share and revel in depressing news, at least once in a while. Here is my contribution today: is vulnerability management – as ...