Risk
9/27/2012
12:21 PM
Dark Reading
Dark Reading
Slideshows
50%
50%

Slide Show: 10 Free Governance Risk And Compliance Tools

While expensive risk management products can certainly help a GRC program, any organization can get started measuring risk and making more disciplined decisions using these tools and templates
Previous
1 of 10
Next


It's impossible to gauge the risk of an IT environment without knowing first what that environment consists of. The Open Source GLPI is an IT and asset management suite that's designed to help you build a database with an asset inventory that can be leveraged for more accurate risk assessments.

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0196
Published: 2015-06-29
CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 Cumulative iFix 2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

CVE-2015-0545
Published: 2015-06-29
EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

CVE-2015-1900
Published: 2015-06-29
IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors.

CVE-2014-4768
Published: 2015-06-28
IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode.

CVE-2014-6198
Published: 2015-06-28
Cross-site request forgery (CSRF) vulnerability in IBM Security Network Protection 5.3 before 5.3.1 allows remote attackers to hijack the authentication of arbitrary users.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report