Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
SS8 BreachDetect Helps Uncover Breaches Without Forensics Expertise
New timeline views of the cyber kill chain and simplified explanations complement severity-ranked threat detection.
Ziften Launches Platform to Protect Enterprise Devices, Data Centers, Cloud
New security architecture enables endpoint discovery, protection, and forensics for enterprise networks.
Cisco Helps Eliminate Performance and Protection Trade-Offs with Next-Generation Firewall for the Internet Edge
Cisco Helps Businesses Eliminate Performance and Protection Trade-Offs with Next-Generation Firewall for the Internet Edge
80% of IT, Security Pros Claim to Use Outmoded Collaboration Tools
New research from Intralinks and the Cloud Security Alliance identifies three key obstacles to content-driven digital transformation and data privacy compliance.
KPMG Offers Flat-Rate Automated Tool For Cyber Investigations
KPMG Digital Responder automates cyber response from the point of collection to reporting, significantly reducing cost and time of cyber investigations
BT, Symantec Partner On Network Traffic Protection, Security Management
BT and Symantec join forces to improve cloud security and simplify network administration for customers.
Symantec Releases Platform To Address Cloud Security Challenges
The Symantec Cloud Security Platform ensures information security and protects against threats across the cloud spectrum.
Intercom Launches Bugcrowd Bug Bounty Program
Bugcrowd’s curated crowd, simple-to-use platform and deep program expertise helps Intercom to secure customer data.
Intel Security's Unifying Strategy Mends Cybersecurity Fragmentation
The strategy brings integrated and automated solutions, a broader partner ecosystem, and advanced architecture with cross-industry collaboration.
TrapX Deepens Deception Capabilities with DeceptionGrid 6.0
The newest version brings Deception-in-Depth architecture, featuring a full OS that can replicate a production environment while increasing attack visualization.
FireEye Announces Endpoint Exploit Prevention, Anti-Virus Replacement
Anti-virus integration, exploit guard enhancements, and Mac support to offer an endpoint protection platform in 2017 via free subscriber updates.
TopSpin Wins 2017 Cybersecurity Excellence Award For Threat Detection, Intelligence, Response
TopSpin's DECOYnet intelligent deception and detection platform was voted as a winner by members of the information security community.
Security Skills Gap Leaves 1 In 4 Businesses Exposed For 6 Months Or Longer
At this year's RSA Conference, ISACA will discuss how to address the growing skills gap as the demand for qualified cybersecurity professionals continues to outstrip supply.
Thales Addresses Business Encryption Key Governance For Microsoft Azure
Key management-as-a-service (KMaaS) meets enterprise needs for direct control of encryption keys.
Thales Supports Customer-Supplied Encryption Keys on Google Cloud
The nShield HSM "bring your own key" is now available for Google customers supplying keys.
25 Percent of Web Apps Still Vulnerable to Eight of the OWASP Top Ten
Research from Contrast Security also finds that 80 Percent of software applications aad at least one vulnerability
ExtraHop Introduces Cloud-Based Machine Learning for Cybersecurity, Data-Driven IT
New SaaS Offering Delivers Intelligent Performance and Security Alerting to Cut Through the Noise and Keep IT Focused on Improving the Digital Experience
Recorded Future Expands Threat Intelligence Solution
Armed With All-Source Insight Powered by Machine Learning in a Unified Solution, Analysts Can Investigate Emerging Threats Up to 10x Faster
Aruba Extends Security Leadership for the Intelligent Edge with Niara
UEBA Enhancements Help Reduce Security Team Anxieties by
Accelerating Detection and Response for Internally Targeted Attacks
Untangle Partners with FlashRouters to Distribute Revolutionary Firmware
Full Next-Generation Firewall Features Now Available on Popular Linksys Router.
Untangle Introduces Cloud-Based Centralized Management
Command Center Enables Remote Management of NG Firewall Deployments
SentinelOne Enhances Machine Learning For Endpoint Security Platform
A new deep file inspection engine predicts threats before they execute and sets new standards for pinpoint accuracy.
Domain Name Association Unveils Healthy Domain Practices
The Healthy Domains initiative establishes voluntary practices aimed at safeguarding the evolution of the domain name system and defines self-regulation measures.
Evident.io Secures $22 Million in Series C Funding Led By GV
Funding will accelerate a multi-cloud strategy and grow the sales team to support demand for cloud cybersecurity and compliance.
Cyren Announces Integrated Internet Security as a Service Platform
The platform unifies Web security, email security, DNS security, and cloud sandboxing on a single cloud platform.
LogicHub Raises $8M For Security Intelligence Automation Platform
New technology scales human analyst capabilities for more effective threat detection, and reduces the chance of a missed breach.
Active Directory Mismanagement Exposes 90% of Businesses to Breaches
New analysis indicates active directory mismanagement unknowingly exposes 90% of businesses to security breaches.
Dave DeWalt Joins Claroty as Board Chairman
Industry icon prioritizes safety and security of critical infrastructure as next focus; Claroty continues major market momentum
Vera Announces Vera For Mail
Data-Centric Security Company Launches Vera for Mail to Protect the Confidentiality of Email Messages and Attachments
Introducing Capsule8: Container-Aware, Real-time Threat Protection for Linux
Founded by Renowned Security Veterans and
Funded by Bessemer Venture Partners
Portnox Reveals Latest Cloud-based NAC for IoT, BYOD Corporate Networks
Portnox CLEAR solution to be demoed via Microsoft HoloLens at RSA 2017
Exabeam Secures $30 Million in Series C Funding to Disrupt SIEM market
Leverages Strength in UEBA to Create Analytics and Response Platform
New Endpoint Threat Detection and Response Service to Boost WatchGuard's Network Security Suite
New ThreatSync correlation and scoring engine automates malware detection and remediation with real-time data from networks, endpoints and cloud intelligence.
Vectra Teams with Carbon Black on AI-Powered Threat Response
Unified solution delivers security-analyst-in-software capabilities to fill enterprise cybersecurity roles in the midst of a global shortage of skilled professionals.
Research Report: Majority of Organizations Are in the Dark about Daily Network Attacks
A quarter of enterprises experienced a breach in the past year, pointing to a reliance on multiple systems, limited budget and staff.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
