Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Exostar Receives Additional $10 Million Investment from Merck Global Health Innovation Fund
Commitment Reflects Impact of Exostar’s Mission, Vision, and Solutions on Life Science and Healthcare Industries
Fantom Drives Announces DataShield Portable USB 3.0 External Hard Drives with 256-Bit AES Military Grade Encryption
Secure, Keypad Access Drive Available in HDD or SSD Drive Types and Provides USB 3.0 Connectivity for up to 5Gbps Throughput Performance
CERTES NETWORKS PARTNERS WITH SOTI TO DELIVER END-TO-END SECURITY OF ENTERPRISE APPLICATIONS, CUT ‘SHADOW IT’ RISK
Alliance Combines Certes’ Software-Defined Security with SOTI’s Enterprise Mobility Management Solutions for Faster, Safer Roll-out of Enterprise Applications
Cato Networks Secures $20 Million in Series A Round From Aspect Ventures and U.S. Venture Partners
Theresia Gouw, Steve Krausz invest to make network security work for the distributed, mobile and Cloud-enabled enterprise
Skycure Report Finds Mobile Threats Lurking Around Every Corner, with Two in Every 100 Devices Already Compromised and More than 40 Percent at Medium to High Risk
Risk of Attack Increases Every Month According to Mobile Threat Intelligence Report
Bit9 + Carbon Black Joins Facebook’s ThreatExchange Community
Company’s customers will have immediate access to Facebook’s
robust threat-sharing community
Former RSA Executive Chairman Art Coviello Joins Bugcrowd Board of Directors
Coviello Brings Over 20 Years of Security Domain Expertise
New Independent Study Finds Enterprise Security Experts Prefer Integrated, Cloud-Delivered Security Platforms
Nearly All IT Security Decision Makers—98%—Recognize Integrated Cloud Security Platforms As Delivering Better Functionality Than Point Solutions
New remote management solutions from Thales deliver enhanced security and administration for cloud-based deployments
Capabilities provide significant time and cost savings for nShield and payShield customers with multi-data center deployments
Online Trust Alliance and National Association of Realtors Create Smart Home Security and Privacy Checklist
Guidance for home buyers, renters and real estate industry to help protect consumers during National Cybersecurity Awareness Month
Despite Breaches, Alarming Number of Companies Lack Security Controls for Accessing Enterprise Applications, According to Latest Research
Independent Study Respondents Recognize Need for More Stringent Access Controls, Yet 60 Percent of Organizations Do Not Require Multifactor Authentication for Non-Employees Accessing Enterprise Applications
European IT Pros Survey: US Companies Don’t Adequately Protect User Data from Government Surveillance
VMworld Europe Attendees Predict that the U.K. will Continue to Suffer More Data Breaches than any other European Country in 2016
threatSMART™ from BrandProtect™ Empowers Enterprises to Better Connect, Analyze and Act On Threat Intelligence
New Data Mining, Deep Incident Analysis and Correlation, and Multi-Language Support Capabilities Provide Greater Visibility Beyond the Traditional Security Perimeter
CounterTack | MCSI and Ponemon Institute Study Reveals That A Growing Number of U.S. Corporations Have Suffered a Nation-State Cyber Attack
Thirty-five Percent of Organizations are Certain They Have Already Become Victim to a State-Sponsored Attack
Online Trust Alliance Releases New Internet of Things Trust Framework to Address Global Concerns
Business and government leaders to attend upcoming summit to roll out IoT security, privacy and sustainability code of conduct
CyberX Reveals a New Zero-Day Vulnerability that Can Shut Down Operational Networks
The vulnerability, FrostyURL, was discovered in a Rockwell Automation PLC and was validated by the ICS-CERT
Nexusguard Monthly Threat Report Reveals China is Top Target for DDoS Reflection Attacks
NTP attacks continue to dominate the network threat landscape
Half of IT Security Pros Believe They’re an Unlikely Target for Attack, Finds Ponemon Institute Study
61 Percent of IT Security Pros Lack Confidence in Their Ability to Detect Advanced Threats
Wombat Security Announces Enhanced CyberStrength Assessment Solution to Assess Security Knowledge Across All Threat Areas
New Solution Automates and Streamlines Process for Administrators to Assess Employee Knowledge on Key Security Concerns Covering All Threat Vectors
Vectra Networks Reveals Cyber Attackers’ Covert Encrypted Communications
Revolutionary Advances in Data Science and Machine Learning Algorithms Are First in Industry to Reveal Threats without Decrypting Network Traffic
TrapX Integrates with Intel Security’s DXL Fabric
DeceptionGrid™ Now Offers Expanded Offense for Dynamic Deception Operations
Arcanum Technology Intros N-Kod Authentication
New technology delivers expanded character set, sophisticated encryption system and an innovative cypher algorithm to fortify passcodes.
Despite Breaches, Alarming Number of Companies Lack Security Controls for Accessing Enterprise Applications, According to Latest Research
Independent Study Respondents Recognize Need for More Stringent Access Controls, Yet 60 Percent of Organizations Do Not Require Multifactor Authentication for Non-Employees Accessing Enterprise Applications
New Independent Study Finds Enterprise Security Experts Prefer Integrated, Cloud-Delivered Security Platforms
Nearly All IT Security Decision Makers—98%—Recognize Integrated Cloud Security Platforms As Delivering Better Functionality Than Point Solutions
Simility Adds Trinity Ventures to Close $5.7 Million Round
Fraud Detection Provider Has Prevented Thousands of Fraudulent Transactions Worldwide
SITELOCK PARTNERS WITH MEDIA TEMPLE TO OFFER COMPREHENSIVE HOSTING PACKAGES
SiteLock’sSecurity Solutions Now Offered with Web Host’s Managed Web Hosting Solutions
Judge Confirms Jury Finding of Willful Infringement of Veracode Patent
Injunction prohibits Appthority’s continuing use of infringing technology
Bluefin To Provide USAePay Clients With PCI-Validated Point-to-Point Encryption Protection From Malware
PCI Validated Decryptx™ P2PE Solution will enhance consumer data security for USAePay™ Clients
MicroStrategy Announces Usher™ 3.0 Enterprise Security Platform
Major App Release Streamlines Design and Enhances Identity Badge Features
Distil Networks Releases New Data on The State of Digital Advertising Fraud
Findings show large majority of publishers (75 percent) and advertisers (59 percent) are either unable, or unsure, about how to decipher human versus non-human traffic
Cytegic Secures $3 Million in Second Angel Financing Round
Additional Funding Will Help Scale Customer Acquisition and North American Expansion
E8 Security Unveils Behavioral Intelligence Solution
E8 Security’s Behavioral Intelligence Platform combines behavioral analytics with human insight to track and identify evolving threats, prioritize risk and speed up response times
Synack Pairs Dynamic Human Expertise with Innovative Vulnerability Intelligence Platform, Securing Perimeter Against Breaches
Synack Launches Hydra - Integrated Directly with the Synack Red Team, Platform Provides Actionable, Continuous Exploitation Intelligence to the Enterprise
Trend Micro Acquires HP TippingPoint
Combines next-generation IPS with industry-leading breach detection
ZixCorp Delivers Powerful New Solution with Global IT Leader
New ZixGateway with Cisco Technology Introduces Option for Security Conscious Enterprise Customers
Wombat Security Announces the Acquisition of ThreatSim; Extends Leadership in Security Awareness and Training Market
The combined organization provides security officers with the most comprehensive and effective security awareness and training solution, which provides actionable intelligence about employee knowledge and vulnerability to attack.
Lastline Debuts New Product to Protect Enterprise from Advanced Malware
Lastline Detonator leverages existing deployments, such as Tripwire and Bit9 + Carbon Black, to make advanced malware protection as easy as “flipping a switch.”
LookingGlass Simplifies Threat Intel with Contribution to Open Source Community
OpenTPX provides machine-readable threat intelligence, combining network security operations data with threat intelligence, analysis and scoring data in an optimized manner
New Security Solution Targets Third Party Vendors to Prevent Data Breaches
Bay Dynamics® Vendor Risk Assurance™ Solution Identifies, Analyzes and Remediates Risky Vendor Behaviors
Security Researchers Validate Major Problems with IoT
IoT Village Demonstrates Rampant Security Vulnerabilities in Connected Devices
ISACA Study: Organizations Still Leaving Doors Open for Advanced Cyberattacks
1 in 4 Have Experienced an APT
TrapX Announces the Release of DeceptionGrid™ Version 5
Expanded Capability Reduces Time-to-Breach Detection
New Survey Reveals 1 in 5 Households Suffered Data Breach in Past Year
ESET and National Cyber Security Alliance found 40 percent failed to properly secure their wireless routers.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
