Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Ukraine Approves Biometric IDs
IDs will comply with the standards recommended by the International Civil Aviation Organization
Advanced Data Processing Inc. Discloses Ambulance Data Billing System Breach
Investigation revealed unauthorized access and, in certain instances, disclosure of personal information
Agiliance Now Offers More Than 50 Data Connectors To Enable Real-Time Security Risk Intelligence And Remediation
Agiliance also introduced a new connector type called "Big Data"
Voltage Security Leverages Persistent Systems To Deliver Solution Upgrades And Security Alerts
Voltage is now able to deliver solution upgrades within 18 hours
Trend Micro Cloud Security Solutions Optimized For Amazon Web Services
Customers can leverage AWS Storage Gateway
TrainACE Releases White Paper That Examines Notable Differences In CASP vs. CISSP Certifications
First publicized white paper explores two security certifications
IBM And ForeScout Team on Network Security Intelligence And Automated Threat Response
Partnership will allow joint customers to improve real-time visibility, security intelligence, and automated control
CellTrust Announces HIPAA-Compliant Communication Integration Server
Server is available as a hosted cloud solution or as an enterprise solution
GlobalSign Adds StopTheHacker Malware Monitoring Services To SSL Certificates
Partnership will provide advanced malware detection for GlobalSign’s SSL Certificate customers
NSS Labs Reveals Browsers' Anti-Phishing Progress And Phishers' New Tactics
Examined four leading browsers -- Apple Safari, Google Chrome, Microsoft Internet Explorer, and Mozilla Firefox
Study Finds Unencrypted Payment Data On Business Networks Remains At 70%
SecurityMetrics PANscan finds financial, hospitality, retail industries store most info
Entrust Solves 3 Major SSL Compliance Challenges With Certificate Discovery Service
Entrust Discovery includes automatic certificate chain validation email alerts
Public Interest Registry Survey Reveals That Most Americans Are Uninformed About DDoS Attacks
Across the board there is a lack of understanding about DDoS attacks
Foreground Security Offers Customers A Virtual Security Operations Center (V-SOC)
Solutions designed to assist government and commercial organizations anticipate, detect and respond to advanced threats and vulnerabilities
'Bring Your Own Network' Policy Tackles Rising Network Costs And Security In The Enterprise, iPass White Paper
Whitepaper outlines how CIOs and IT departments can boost mobile working practices effectively and tackle the rising security risks and costs of BYOD and BYON policies
Trend Micro New Free Online Assessment Tools For Cloud, Cyber & Mobile Security
Results are provided in five areas of security: protection, responsiveness, organization, expertise and visibility
Cooperation Is Key For Europe's Cybersecurity
ENISA meeting brought together key figures from the European Parliament, European Commission, and the computer industry
LabTech And Symantec Complete Integration Of Backup and Endpoint Security Solutions For IT Service Providers
MSPs can use LabTech's RMM tools to deploy, set up, manage, and monitor backup and endpoint security across multiple domains
Panorama9 Launches Patch Management For Mac
Tool automates tedious patch management activities
Black Hat Abu Dhabi Unveils 2012 Program in Cooperation With TRA & Khalifa University Of Science And Technology
Jeff Moss, VP and Information Security officer at ICANN, will keynote
New Visa Consumer Authentication Service Combats eCommerce Fraud
Solution designed to seamlessly support an issuer's Three Domain Secure (3-D Secure) program
Kudelski Group Launches Kudelski Security
Offering consists of a set of services initially focusing on assisting companies to assess risk and vulnerabilities
IDaaS Provider Announces 1 Million Identities Under Management
According to Gartner, IDaaS will account for 25% of all new IAM sales by the end of 2014
RSA Targets Advanced Threats and 'Account Takeover' Attacks With New RSA Adaptive Authentication Solution
Solution uses a Big Data approach to help combat threats posed by more than 30 million variants of malware
Consumer Awareness, SSL Digital Certificates Offer Protection Against Holiday Online Scams, Says Security Expert
Entrust provides five tips to ensure consumers have a safe online shopping season
Panda Security Launches New Panda GateDefender Performa eSeries
eSeries is a new line of integrated perimeter security appliances designed for midsize and large companies
Cisco Announces Intent To Acquire Meraki
Meraki offers midmarket customers on-premise networking solutions that can be centrally managed from the cloud
PCI Council Issues New Guidance On Risk Assessment
PCI DSS Risk Assessment Guidelines Information Supplement can help identify threats and associated vulnerabilities that could jeopardize security of payment card data
GlobalSign SSL Configuration Checker Provides Guidance To Reduce Cybercriminals' Ability To Exploit Faulty SSL Configurations
Free online service allows website administrators to confirm that they have correctly configured SSL
Symantec's Digital Information Index Reveals Half Of Business Information Resides Outside The Firewall
Cloud and mobile computing driving information sprawl
Georgia Tech Releases Cyber Threats Forecast for 2013
Specific threats include cloud-based botnets
ForgeRock Launches Open Identity Stack To Protect Enterprise, Cloud, Social, And Mobile Applications
Open Identity Stack provides an all-in-one platform to deploy identity management
CounterTack Names New Chief Researcher
Sean Bodmer has more than 16 years of security assurance experience
Faronics Survey Reveals BYOD, Unstructured Data, Check And Credit Card Fraud As Most Critical Threats To Businesses
Study reveals that businesses don’t fully grasp the repercussions resulting from one or more data breaches
Radware Introduces Attack Mitigation Solution, DefensePro x420
DefensePro x420 can handle 25 million packets per second of attack traffic
Vint Cerf Named Chair Of StopBadware Board Of Directors
Esther Dyson will take on the office of clerk
Forrester Survey: Wary Enterprises Still Place Sensitive Data In The Cloud
User provisioning and SSO/Web access management the two leading access-control priorities for enterprises
GFI Launches VIPRE 6.0 For Business
Integrated antivirus, patch management, and Mobile Device Management on a single console
Sophos Intros New UTM Exclusively For SMBs
Sophos UTM 100 with BasicGuard provides network, email, Web, and wireless protection
New Symantec Protection Center Mobile, Security Dashboard For iPad
Symantec Protection Center Mobile leverages Symantec Protection Center Enterprise platform
Vigilant Announces Threat Intelligence Portal
CTI Portal allows for faster investigation of potential threats
Palo Alto Networks Rolls Out Virtualized, Other Firewalls
New products are supported by the release of PAN-OS 5.0
Panda Security Updates Cloud Partner Center
Latest version of the partner console allows management of Panda Security's entire cloud portfolio
FTC Commissioner Chats With Industry Leaders
"Privacy is being incorporated at the most fundamental levels," said Julie Brill at Annual PMA Marketing Law Conference
Employee-Empowering Technologies Raise Security Stakes For Organizations, New CompTIA Study Reveals
Majority of companies attribute human error as a contributing cause of security breaches
65% Of Organizations Experience Three DDoS Attacks A Year
New report from Radware and the Ponemon Institute reveals DoS and DDoS attacks now rank as two of the top three threats organizations face
HiSoftware Releases Next Generation Of Solutions For NewsGator Social Compliance Monitoring
Solution helps organizations better detect, document, and prevent privacy breaches and exposure of confidential information in their social environments
Head Of HP Enterprise Security Takes Over As Vormetric CEO
Alan Kessler has more than 20 years of management experience
SAP To Deliver Enhanced Enterprise Security, Apps And App Platform For Windows 8
SAP plans to offer six business apps for Windows 8 for use on devices of various form factors
Two Thirds Of Brits Back Pre-Emptive Cyber Strikes On Enemy States, Reveals Logrhythm Research
Growing cybertension between nations fuels public desire for intensified government action
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
