Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
US PC Users Making Some Progress in Patching Software Vulnerabilities, But Significant Challenges Remain
Private Microsoft® Windows® users patching their operating systems more diligently – but the same cannot be said of Apple® QuickTime® and Oracle® Java® users.
Threat Stack Secures $15.3 Million in Series B Funding to Drive More Efficiency for Cloud Security Teams
Scale Venture Partners Leads Round; Market Demand and Rapid Customer Growth Key to Series B Funding Round
Bitglass Report: BYOD Supported in More Than 70 Percent of Organizations That Are Driven by Need for Increased Productivity
Financial Services Industry Leads in Support for BYOD, Despite Regulations and Security Concerns
VASCO Launches FIDO U2F Certified Authenticator for Use with Popular Online Applications
DIGIPASS SecureClick one-button authenticator allows users to easily add the enhanced security of two-factor authentication to common applications
Symantec Partners with Rockwell Automation to Maximize Security for Industrial PCs
Symantec Embedded Security: Critical Systems Protection has been qualified for use with Rockwell Automation software
TrapX Security Expands: Fueled by Customer Demand and Additional $5 Million Investment from Strategic Cyber Ventures LLC
In Addition to Triple Digit Worldwide Growth, the Company Appointed Three New Vice Presidents to Further Expand the Company’s Product Portfolio and Increase Worldwide Sales
Bastille Report Finds More Than 80 Percent of Businesses are Potentially Vulnerable to Being MouseJacked
Results Suggest That Despite Increased Awareness and Concern, Some Companies and Individuals Continue to Ignore Risks of the MouseJack Threat
LANDESK Closes 7th Acquisition in 5 Years
Finalizes AppSense Acquisition, Advances Lead in Unified Endpoint Management with Extended User Virtualization Capabilities
ISACA’s New Cybersecurity Boot Camp Coming to New York
Intensive five-day training helps organizations develop their cyber workforces
Former NSC Director of Cybersecurity Policy Leads Illumio Cyber Assessment Program
Program Designed to Identify Attack Surface and Secure High-Value Assets Inside Data Centers and Clouds
Let’s Encrypt Leaves Beta
New and renewing sponsors back Let’s Encrypt technology and its mission to encrypt 100 percent of the Web
DHS, NASA PARTNER IN SEARCH OF INNOVATION IN HOMELAND SECURITY
Developing Prize Competitions to Engage Citizen Scientists in Public and Private Sectors
TECHNICAL EXPERTS AT BAE SYSTEMS REVEAL DETAILS OF NEW STRAIN OF VIRULENT CYBER THREAT
Cyber criminals targeting public institutions with modified form of Qbot malware
Optiv Security Expands Identity and Access Management with Close of Advancive Acquisition
Transaction Brings Together Two Respected IAM Organizations to Solve Client Identity Problems in New and Innovative Ways
KnowBe4 Unveils Kevin Mitnick Security Awareness Training Spring 2016
KnowBe4 adds first human pentest, USB drive test, and geo-location to simulated phishing testing.
Unsecured Vendor Access Creates the Perfect Storm for Cyber Attacks
Groundbreaking Vendor Vulnerability study finds an increasing trust and dependence on third-party vendors with access to IT systems is opening organizations up to cyber-security breaches
CodeMeter Named CODiE Awards Finalist
CodeMeter Secure Licensing Platform earns prestigious industry recognition
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
