Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Security Startup ThreatQuotient Lands First Round of Seed Funding
Blu Venture Investors, CIT, and the Virginia Tech Investor Network fund Seed Round to Accelerate Company’s Go-To-Market Strategy
Open Cloud Consortium Collaborates With NOAA to Release Environmental Data
Open Cloud Consortium's data alliance will make finding and accessing NOAA data easier, driving discovery
Quick Heal Launches in North America To Focus on IT Security for SMEs
Global Data Security Leader Builds Upon 22-Year Track Record; Brings SEQRITE Product Line to North America for the First Time
Report: IoT-Connected Devices Leading to Rise in SSDP-based Reflection Attacks
NSFOCUS Report States Online Gaming and Entertainment Sectors Continue to be High on the Target List and Attackers Are Becoming More Sophisticated
LOGbinder updates its Exchange, SQL Server and SharePoint Solutions
Security analysts now get mailbox audit policy configuration management, SQL Server 2014 compatibility, LEEF output, performance improvements
CERTES CRYPTOFLOW SOLUTIONS FOR IPHONE, IPAD NOW IN THE APP STORE
Extends Enterprise Apps to Any User Over Any Network, Blocking #1 Data Breach Attack Vector
Leading MSPs Form Industry Consortium
Free Remote Management and Monitoring with Integrated Professional Services Automation the Foundation of New Built-By-MSPs-For-MSPs Consortium
Bivio Networks Demonstrates Real-Time Cyber Intelligence Solution
Bivio FlowIntelligence solution combines industry leading OISF Suricata IDS/IPS and Symantec DeepSight™ datafeeds to deliver advanced threat intelligence and analysis on high speed networks
UnitedLex Redefines Managed Security With Context-Aware Service
Best-of-Breed Managed Security Service Provides Fortune 500 Caliber
Security Capabilities to Medium-Sized Businesses
Rapid7 Announces Integration of its Intruder Analytics Solution with Microsoft Office 365 to Improve Security and Transparency
UserInsight integrates with New Microsoft Office 365 Management Activity API, enabling organizations to identify and investigate intruders across the entire ecosystem, from endpoint to cloud
RSA Conference USA 2015
INTEL EMPOWERS ORGANIZATIONS TO RECOGNIZE AND RESPOND TO CYBER-ATTACKS
Intel Extends and Integrates Enterprise Portfolio with Greater Network and Endpoint Visibility and Control; Provides New Solutions for Application Layer Exfiltration Protection
Athena and Rambus Cryptography Research Division Announce Solutions to Prevent Advanced Security Threats
TeraFire® Security IP Cores Are Now Shipping with DPA Countermeasures
Study Uncovers Fears of Potential Domino Effect from Cyberattacks
While most C-level executives say cyberattacks can cause serious disruption to their own operation, many also express concerns about farther-reaching impact on the broader infrastructure at the local, state and national level
Promisec Launches ‘Freemium’ Endpoint Monitoring Service
Freemium Product Provides Critical MSSP/ OEM Support for Security Service Providers in Promisec’s Partners Program
ISSA-LA Holds 7th Annual Cybercrime Information Security Summit
World Renowned Cybersecurity Experts Converge at Southern California's Biggest Security Conference
VMware to Resell HyTrust Data Encryption and Key Management
Solutions Will Support Data Security and Compliance; Enable Enterprise Migration to Hybrid Cloud
Watchful Software Showcases New Version of RightsWATCH at RSA
Version 6.6 takes center stage at the RSA Conference at North Hall, booth #3026.
RSA Unveils Via™ Family of Smart Identity Solutions
RSA Via™ Access: Engineered to Unite Security and Convenience in a SaaS-based Solution for Managing Access for Any User from Anywhere to Anything
RSA® Security Analytics Now Extends Visibility from the Endpoint to the Cloud
New Flexible Packaging Helps Ensure Cost Effective, Enterprise-Wide Visibility for Customers
AlienVault to Work with HP on Cyber Threat-Sharing Initiative
Effort to Broaden Reach of Threat Intelligence Sharing by Connecting Threat Data from HP Threat Central and AlienVault Open Threat Exchange
AS DATA BREACHES IN NEW YORK TRIPLE, GILLIBRAND ANNOUNCES BIPARTISAN CYBER SECURITY MEASURES
Between 2006 and 2013, Number of Data Security Breaches Reported to NY Attorney General Tripled, Exposing 22.8 Million Personal Records
CloudLock Expands Cloud Security Offering for Salesforce
CloudLock expanded product portfolio helps organizations to secure sensitive data in the cloud and protect corporate assets from cyber threats
Centrify Launches Industry’s First Cloud-based Privileged Identity Service
Centrify Privilege Service Addresses Today’s Hybrid IT Environments of On-Premises and Cloud-based Systems as the Most Comprehensive Privileged Identity Solution on the Market Today
Core Security Solution Addresses Enterprise Vulnerability Management Issues
New Features Include Interactive Attack Paths, Enhanced Exploit Matching and Filtering, Flexible Reporting and Smart Card Authentication
Lastline Knowledge Base of Malware Intelligence with String Indexing Launches at RSA
Vast, Structured Repository Offers an Average of 10 Times More Data per Malware Query than Other Threat Intelligence Stores
Gurucul Protects Cloud Apps with Identity-based Threat Detection
Cloud Analytics Platform Detects Hijacked Accounts and Insider Abuse to Prevent Data Leakage and Compliance Violations
ThetaRay Protects Banks from Fraud, Money Laundering, ATM Attacks
ACHIEVES BREAKTHROUGH IN DETECTION OF FRAUD, MONEY LAUNDERING,
ATM ATTACKS AND ANOMALOUS TRANSACTIONS
New findings from 2015 North America DDoS report
Survey shows heightened preparedness and adoption of hybrid technologies
Most Companies Lack Formal Policies to Manage Open Source Security Risks
North Bridge and Black Duck Software announce ninth annual Future of Open Source survey results, revealing trends in corporate OSS use
Radware Introduces Industry’s First Hybrid Cloud Based WAF Service
Radware launches new Hybrid Cloud WAF Service – a fully-managed service that provides unmatched protection from web application attacks.
GlobalSign expands mobile authentication support in its identity services platforms
Enabling Organizations to Easily Deploy and Manage Identity for Everything™ With OAuth 2.0 for IAM, AirWatch Integration, Managed PKI and High-Availability CA Services
New survey data from Fortinet
Third-party Research Reveals Consumer Behavior May Present Greater Challenges for Enterprises that Do not have the Right Security Protections in Place
Passages Helps Businesses Prevent Targeted Attacks, Defend the Network
Company to demo new safe browsing solution at RSA Conference and present session ³Website Counterintelligence²
Raytheon Announces $1.57 Billion Acquisition of Websense
Raytheon and Vista Equity Partners enter agreement to form new cybersecurity company
Study: 82% of Organizations Expect a Cyberattack, Yet 35% Are Unable to Fill Open Security Jobs
Global Talent Pool Reflects Urgent Skills Shortage and Hiring Delays
Former CISO of eBay Dave Cullinane Launches TruSTAR, First Global Anonymous Cyber Incident Sharing Platform for Enterprises
Platform Addresses Urgent Need for Instantaneous Cyber Intelligence Sharing to Level the Playing Field for CISOs
Attivo Networks closes $8M Series A
Led by Bain Capital Ventures Bain Capital Venture’s Managing Director, Enrique Salem, Joins the Attivo Networks Board
NCR Signals Massive Makeover to Banking with Highly Secure Cloud-Based ATM Software Platform
NCR’s Kalpana™ software transforms the ATM channel, introducing ground-breaking security designed to eliminate malware and reduce total cost of ownership by up to 40%
OpenSAMM Consortium Launches Industry’s First Public Benchmarking Data for Improving Software Security
Pragmatic, Open Assessment Process Improves Usability by Enabling Organizations to Parse Data by Industry and Company Size
PCI COUNCIL PUBLISHES REVISION TO PCI DATA SECURITY STANDARD
PCI DSS 3.1 and supporting guidance helps organizations address vulnerabilities within SSL
protocol that put payment data at risk; PA-DSS revision to follow
FS-ISAC EXPANDS GLOBAL OPERATIONS: APPOINTS KRIS HERRIN SVP, GLOBAL BUSINESS SERVICES
Also Launches New European-based Security Operations Center for Follow-The-Sun Threat Intelligence Sharing and Invests in New Regional Initiatives
Onapsis Awarded Key Patent for Automated Cyber-Security Assessment of SAP Systems and Business-Critical Applications
Enterprises gain assurance of rigorous methods to protect business-critical applications, processes and data from cyber-attacks
One Tap On Your Phone Logs You In, With SecureEnvoy OneSwipe
Leading Security Innovator Debuts its OneSwipe Prototype at the RSA Conference in San Francisco April 20-24 Demonstrating its Windows 10 NFC
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
