Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Authentic8 Expands Silo Integration with Corporate Network Infrastructure
Secure virtual browser can now seamlessly authenticate with existing enterprise gateway proxies
ID Experts® Raises $5 Million in Financing from BlueCross BlueShield Venture Partners and Sandbox Advantage Fund
Strategic investment to expand monitoring for medical ID theft; ID Experts MyIDCare™ identity protection product being deployed at Blue Cross and Blue Shield companies
SafeBreach Arms Defenders with the Hacker’s Playbook
Innovation in Breach Validation Identifies and Closes Attack Paths Before Exploitation;
Company to be Featured in RSA Conference 2016 Innovation Sandbox
Fireglass Announces $20M in Series A Funding to Transform Cybersecurity
Former Check Point Head of Security Products teams with military intelligence veteran, earning significant funding to introduce game-changing technology
UpGuard, Formerly ScriptRock, Unveils First FICO-Like Score for Cybersecurity and Compliance
CSTAR Creates First Actionable Score for Businesses and Insurance Carriers to Accurately, Easily Measure Cyber Risk
Lockr: Hosted API & Encryption Key Management for Secure Website Content
Lockr Managed Key Service for Drupal Is Out of Beta, Now Also Available for WordPress; First Key Free
ATTACKIQ EMERGES FROM STEALTH WITH CONTINUOUS TESTING PLATFORM
FireDrill challenges existing on-premise network and cloud infrastructures to help organizations continuously, automatically, and affordably attack, measure and improve their defenses
iSheriff Introduces Complete Cloud-Based Security Solution
iSheriff Complete Replaces Three Point Products Covering
Web, Email and Endpoint Security
Attivo Strikes Back At KillDisk and CryptoLocker
Provides Detection and Forensic Analysis for All Classes of Cyber Threats
Denise Anderson Named President of NH-ISAC
Former FS-ISAC Executive to increase Healthcare ISAC growth and maturity
FireEye Announces Acquisition of Global Threat Intelligence Leader iSIGHT Partners
Combination Creates Most Advanced and Comprehensive Cyber Threat Intelligence Operation, Driving Industry Toward Intelligence-Led Approach to Cybersecurity
SplashData’s fifth annual “Worst Passwords List” shows people continue putting themselves at risk
While longer passwords debut on this year’s list of most commonly used passwords, they are not necessarily more secure
EiQ Networks Raises $9.55 Million in Series C Growth Capital Led by Arrowroot Capital
New Financing to Accelerate Customer Acquisition for EiQ’s Hybrid SaaS Security Services
Raytheon|Websense Is Now Forcepoint
FORCEPOINT BRINGS FRESH APPROACH TO SAFEGUARDING USERS, DATA AND NETWORKS FROM INSIDER AND OUTSIDER THREATS
New Advanced Cyber Degree Program Fills Critical Skills Education Gap
First Advanced Cybersecurity Degree Program to Bridge Strategic & Tactical Implementation
Hyatt Completes Payment Card Incident Investigation
Affected locations and respective at-risk dates are available at www.hyatt.com/protectingourcustomers
Virtru Launches Hardware-Backed Encryption Key Management Service
Gives Users Ultimate Control Over Content and Keys
Shape Security Secures $25M Series D for Intermational Growth
Service now Protects Web and Mobile Apps of Many Fortune 100 Companies.
iSheriff Names John Mutch Chief Executive Officer
Former CEO of BeyondTrust, Peregrine Systems & HNC Software Joins Cloud Security Leader
EiQ Networks Expands Value-Added Reseller Program with Addition of Redhawk Network Security
Redhawk to Offer EiQ’s Hybrid SaaS SOCVue Security Monitoring and Vulnerability Management Services
RiskIQ Adds “Who” and “Why” Threat Intelligence from Intel 471 to PassiveTotal Security Analysis Platform
Integration Allows Analysts to Link Adversary Profiles with their Attack Infrastructures to Preempt Threats
NTT positioned as a challenger in the Gartner Magic Quadrant for Managed Security Services, Worldwide
Evaluation based on completeness of vision and ability to execute
Centrify Delivers Industry’s First Federated Privileged Access Service to Protect Enterprises with Outsourced IT
Cloud-based security solution minimizes an organization’s attack surface by governing and securing federated access by outsourced IT, vendors and other third parties
Microsemi Introduces Security-Hardened NTP Timing and Synchronization Platform
Versatile New SyncServer S600 and SyncServer S650 Enable Highly Secure, Accurate and Flexible Time and Frequency in Enterprise and Government Applications
Arxan’s 5th Annual State of Application Security Report Reveals Disparity between Mobile App Security Perception and Reality
While 84 percent of consumers and IT execs believe their mobile health and finance apps are secure; 90 percent of mobile health and finance apps test positive for two critical security risks
Judge Sentences Defendant for Violation of the Computer Fraud and Abuse Act
Insider at financial services company stole documents, deleted files on server to hide tracks.
DHS eyes new tech to combat rising DDoS attacks
Galois Awarded $1.7 Million Contract To Enable Peer-to-peer Collaboration.
New Company, CyberVista, Launches to Tackle Cybersecurity Training for Business Leaders and Practitioners
Education and Workforce Development Programs Will Help Organizations Protect Critical Digital Assets, Reduce Risk of Cyber Breach
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
