Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Mobile Malware Evolution: Three Infection Attempts Per User In 2013
Nearly 145,000 new malicious programs for mobile devices were detected in 2013
SAS For Windows Buffer Overflow Leads To Code Execution
Vulnerabilities were discovered in a routine security crash
Qualys Introduces Continuous Monitoring Cloud Service For Global Perimeters
QualysGuard Cloud Platform available immediately in beta for all customers
TraceSecurity Enhances TraceCSO To Simplify IT GRC Management
Customers will see improvements in key features, new functionality, and other enhanced performance metrics
Tufin Unveils Tufin Orchestration Suite Version R14-1
Company also announces integration with IT automation leader Puppet Labs
Catbird Partners With Trapezoid
Combined solution will leverage Trapezoid Marker to meet 24 FISMA controls
Barracuda Announces Third Quarter Fiscal 2014 Results
Gross billings up 19% year-over-year to a record $77.5 million
Commtouch Completes Name Change To CYREN
Company adopted new name as part of transformation into provider of cloud-based information security solutions
Napatech Unveils Network Analysis Adapter To Enhance Appliance Throughput
Four-port 10 Gbps network analysis adapter provides full 40 Gbps analysis
New Verizon Cyber Intelligence Center Helps Speed Detection, Mitigation Of Cyberthreats For Enterprises, Government Agencies
VCIC will provide sources of threat intelligence so enterprises can identify and respond to threats early in attack cycle
Lancope Announces New Global Secure Partner Program
Program is now available in the U.S.
Netskope Survey: More Than 60 Percent Of IT's Most Security Savvy Professionals Are Either Unaware Of Their Company's Cloud App Policies Or Don't Have One
In absence of cloud app policies, more than two-thirds of attendees surveyed said they would consider their company's privacy policy before downloading an app
Emulex Announces Endace Fusion Connector For Sourcefire Defense Center
Connector enables streamlined access to granular network packet history
Fortinet 2014 Privacy Survey Reveals Gen-X And Millennial Attitudes Surrounding Passwords, Personal Data, Email Snooping, Online Marketing Practices
Survey revealed 41% of respondents never change online passwords or only when prompted
Trend Micro Evolves Mobile Security Solutions, Elevating Capabilities for Combating Cyber Threats And Data Loss For Businesses, Consumers
New solutions will help mitigate threats to mobile networks and devices
Wave Systems Begins Shipping its Management Software With Samsung Electronics' TPM Security Chips
With the TPM, IT can detect unauthorized changes in the boot process that could signal the presence of a rootkit
Samsung And Zscaler Announce Enterprise-Ready Mobile Security Solution
Solution extends security and compliance policies from Zscaler security cloud to Samsung KNOX
nPulse Technologies Launches Cyclone Network Forensics Platform For The 10 Gig World
Cyclone Network Forensics Platform includes line-rate extraction of crucial application layer security metadata
Veracode Launches Software Composition Analysis Service
Integrates software composition analysis (SCA) with application security analysis in a cloud-based platform
SAFECode Releases Free Online Software Security Training Courses
Courses range from preventing SQL injection to avoiding cross site request forgery
Huawei Launches Next Generation Anti-DDoS Solution At RSA Conference 2014
AntiDDoS8000 series protects against application layer, mobile device, and outbound DDoS attacks
Barracuda Sees Growing Market Adoption With Security Offerings On Microsoft Windows Azure
Provides firewalling and site-to-site secure remote access from on-premises networks to Windows Azure or Vnets within Windows Azure
Trend Micro Delivers Comprehensive Defense With HP Against Targeted Attacks
Trend Micro Deep Discovery and HP TippingPoint will be combined
RSA Teams With Pivotal To Offer Security Analytics And Big Data Playbook
New reference architecture provides actionable intelligence needed to detect security threats
RSA Conference 2014 Announces Recipients of 17th Annual Awards For Excellence In Information Security, Excellence In Public Policy & Excellence In Mathematics
F. Lynn McNulty, first Director of Information Systems Security for the U.S. State Department, received Lifetime Achievement Award
AT&T And IBM Simplify Cyber Security Management
New joint service will combine security network infrastructure with advanced threat monitoring and analytics
Entrust Integrates 3M Cogent Biometric Technology Into Entrust IdentityGuard Software Authentication Platform
Collaboration allows organizations to leverage fingerprint biometrics to authenticate users for logical access to workstations
Tufin Survey Reveals 91% Of Security Managers Are Under Pressure To Deliver Applications And Services Faster
More than three-quarters of respondents believe virtualization will have the biggest impact on security operations during next 12 to 18 months
Fortinet's FortiGuard Labs Reports 96.5% Of All Mobile Malware Tracked Is Android-Based
Symbian was a distant second at 3.45 percent and iOS, BlackBerry, PalmOS, and Windows together don’t even warrant 1 percent
CA Introduces New Products For Identity And Access Management
Mobility and API solutions help secure cloud, Web, and mobile applications
Cenzic Announces New Application Security Service For The Connected Enterprise
Cenzic PASS allows enterprises to define the criteria for acceptably safe partner applications
Webroot Announces BrightCloud Threat Intelligence Services and Endpoint Breach Protection Solution For OEMs And Enterprises
Cloud-based security offerings address increasing sophistication of online threats
AccessData Introduces Continuous, Automated Incident Resolution Platform
InSight Platform enables enterprise visibility into network traffic and endpoint data, including mobile devices
CrowdStrike Inc. Partners With IBM To Launch Advanced Cyber Threat Intelligence Service
Managed service planned for limited initial release in the first half of 2014
Startup BlueBox Launches, Rolls Out New Approach To BYOD Security Problem
Bluebox SaaS mobile data security solution delivers visibility of corporate data as it moves throughout the mobile workflow
IBM Announces Security Forensics Capabilities To Help Protect Critical Data
IBM Security QRadar Incident Forensics designed as a module for the QRadar Security Intelligence Platform
McAfee Announces New Product That Stops Advanced Threats In Milliseconds
At the core of McAfee Threat Intelligence Exchange is a new virtual appliance that connects multiple enterprise security platforms
Removing Admin Rights Mitigates 92% Of Critical Microsoft Vulnerabilities
New analysis of Patch Tuesday bulletins shows benefits of stripping admin rights
IID Launches ActiveTrust Cyber Threat Sharing And Collaboration Network
Dozens of Major Enterprises and Government Agencies Quickly Adopt Platform to Control and Coordinate the Latest Cybersecurity Intelligence
Cylance Announces $20 Million in Series B Funding
Blackstone, Khosla Ventures, Fairhaven Capital and Private Investors Accelerate Cylance's Growth and Advanced Mathematics Platform
ThreatTrack Security Introduces Automated APT Remediation
New ThreatSecure platform generates custom remediation signatures for newly discovered malware threats, including APTs, targeted attacks and zero-days
Ionic Security Secures $25.5 Million in Series B Funding
Co-Lead by Google Ventures and Jafco, Leading Security Startup Prepares to Disrupt Traditional Perimeter Security
Deloitte Launches Secure.Vigilant.Resilient
New approach to cyber risk to help complex organizations reap benefits of growth and innovation
Proofpoint Adds Next-Generation Predictive Defense To Targeted Attack Protection Solution
Protects users from malware and advanced threats in both URLs and email attachments
Pindrop Security Launches Combined Voice Biometric and Phoneprinting Fraud Detection System
New Level of Authentication Improves Phone Fraud Detection Capabilities
FireEye Announces Threat Analytics Capabilities for the FireEye Security Platform
Cloud-based solution enables security teams to identify attacks and accelerate incident response by correlating security event data with FireEye Real-Time Threat Intelligence
Okta Delivers New Identity Offerings to Power Cloud-Based Services
Jive Software and Advent Software Among Cloud Service Providers Using Okta to Address Range of Identity-Related Needs for Innovative Cloud Offerings
CyberArk Launches Enhanced CyberArk DNA to Detect Pass-the-Hash Vulnerabilities
Discovery and Audit Tool to Identify and Map Exposed Password Hashes and Vulnerable Machines on a Network; Free Trial Available for Limited Time
AlgoSec Partners With Qualys
New Integration Delivers Application-Centric Vulnerability Management, Aggregating and Scoring Vulnerabilities Based on Risk and Continuously Monitoring for Changes within Data Center Environments
SANS-Norse Cyberthreat Report Reveals that Cyberattacks Are Causing an Epidemic of Compromises at Healthcare Organizations
Norse Global Threat Intelligence Platform Identifies Healthcare Organizations' Compromised Networks, Applications, Devices and Systems
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
