Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
New ISACA Events Serve Women in Security
Free Webinar in June and CSX 2015 in October
New Survey Shows Lack of Confidence in Organizations' Cyber Security
New Lieberman Software survey reveals that today’s complicated IT security solutions are not being properly deployed and, for most organizations, compliance trumps security
Fortinet Announces Agreement to Acquire Meru Networks
Acquisition Expected to Bolster Fortinet’s Secure Wireless Solutions, Add Enterprise Customers, and Expand Total Addressable Market
Imperva Unveils New Cloud Architecture to Maximize Protection of Data and Applications
Imperva Skyfence, Provisioned on Imperva Incapsula, Provides Superior Levels of Security, Performance and Availability
Check Point Delivers SCADA Security Solutions to Protect Industrial Control Systems against Cyber Threats
New hardened security appliance with most in depth SCADA security for your Critical Infrastructure
Promisec Brings a New Weapon to Combat Cyber Attackers with Release of Promisec Endpoint Manager 4.11
Combining File Integrity Monitoring and File Reputation Scoring, PEM 4.11 provides Endpoint Detection and Remediation (EDR) of Advanced Threats at Enterprise scale
Fortinet Signs Collaborative Research and Development Agreement with U.S. Department of Homeland Security
Sharing of Real-Time Security Data to Strengthen Threat Intelligence for Fortinet Customers Globally
Fox-IT Launches Web and Mobile Event Analytics Platform for U.S. Financial Services Industry
Company will demonstrate DetACT at the 2015 FS-ISAC and BITS Annual Summit solution showcase
Delphix Acquires Data Masking Leader, Axis Technology Software
Acquisition Adds Integrated Masking to Data as a Service Platform
Logentries Launches Low-Cost Security Information and Event Management (SIEM) Service for Easy, Real-time Security Analysis
Industry-standard SIEM Service Enables Customers to Easily and Cost-effectively Meet Specific Compliance Requirements
MACH37 Cyber Accelerator Accepting Applications for Fall 2015 Session
Fall 15 Cohort to Begin on September 8th
Veracode Introduces IAST for Enhanced Risk Reduction in DevOps and Agile Environments
Continues Strategy of Incorporating Complementary Technologies via Open and Extensible Platform
OpenDNS First to Offer Threat Intelligence Cloud Enforcement Through APIs
Leading Cloud Security Company Makes API Available for Customers To Enable Advanced Enforcement of Security Threats
Research Shows Workers Ignoring Known Cyber Risks, Surfing Adult Content and Downloading Unapproved Apps
Global Survey Highlights Disconnect Between Employee Awareness of Cyber Threats and Their Actions
Decline in detected malware attacks in organisations coincides perfectly with weekends.
Good Morning Monday – Hello Cyber Attack
SANs Survey Reveals Organizations Lack Control Over Mobile Workspaces
More than 64 Percent of Mobile Workers Can Access High Value Data Remotely while One in Three Devices Are Unmanaged
CoroNet Launches Solution to Protect from Eavesdropping, Data Interception and Remote Manipulation of Devices on WiFi and Cellular Networks
CoroNet’s Enterprise Offering Helps Carriers, MSSPs and Device Manufacturers
to Protect their Customers from the Fastest-Growing Cyber Threat
Digital Guardian Acquires Savant Protection
Acquisition extends the Digital Guardian Data Aware Endpoint Security Platform to fixed-function devices
Absolute Survey Shows Millennials Represent Greatest Risk to Corporate Data
Absolute Software Report Uncovers Usage Behavior and Security Risks of Connected Employees
Bitdefender Rolls Out New Technology for Virtualized Infrastructure Security
Bitdefender defeats long-exploited advanced threat vectors in virtualized environments
Bracket Computing Announces High-Assurance Security Capabilities for Hyperscale Clouds
Bracket Security Fabric Allows Large Enterprises to Move Their Most Sensitive Workloads to the Public Cloud with Confidence
LiveEnsure Launches FourSure, a Peer-to-Peer Trust App
The FourSure mobile app enables peer users to authenticate each other and protect their shared content across any social or storage network
High-Tech Bridge launches web penetration test security seal
New security seal gives consumers confidence that websites have been manually tested for most complex vulnerabilities in accordance to industry standards and best-practices
Bracket Computing Announces New High-Assurance Security Capabilities for Hyperscale Clouds
Bracket Security Fabric Allows Large Enterprises to Move Their Most Sensitive Workloads to the Public Cloud
Survey: Most IT Pros Don’t Know Where Sensitive Company Data Resides
Survey Results from RSA Conference Indicate Securing the Cloud Continues to be a Work in Progress
Enterprise IT Heads Indicate Need for Scalable, Secure Mobile App Platforms
New moBack Study Finds More Than Half of Enterprises Developing Mobile and Web Applications Cite Biggest Challenge as High Costs Associated with DevOps and Infrastructure Provisioning
Free App Shows Unencrypted Data
App From UNH Helps You Find Unencrypted Data Leaked From Applications on Your Phone and Computer
Online ad industry fires back against $6.3 billion fraud issue
TAG “Fraud Threat List” Identifies Known Sources of Bot Traffic; Pilot Program Underway with Broader Deployment Expected in Q3 2015
Twistlock Unveils Virtual Container Security Suite to Keep Container-Based Apps Secure
Emerging from Stealth Mode, the Company Announces $2.5 Million Funding from YL Ventures
BakerHostetler Data Security Incident Response Report Shows Human Error is More Often to Blame
Findings highlight employee negligence as primary factor in majority of cases; No industry is immune; Enhanced detection capabilities critical
Troux Introduces Solutions to Combat Cybersecurity Risk
Technology Lifecycle Management Shores Up Most Common Opening for Cyber Criminals
Swivel Secure Launches OneTouch Authentication
Mobile app-based deployment option offers increased speed for authentication
Cybereason Closes $25 Million Series B Funding Round, Enters Strategic Partnership with Lockheed Martin
Spark Capital and Lockheed Martin Join CRV; Lockheed Martin to Deploy the Cybereason Platform Across 120,000 Internal Endpoints, Integrates it into its Cyber Solution Portfolio
Browser Malware, Operational Burdens Driving Enterprises to Seek Effective Technology for Secure Web Access
In New ESG Study, IT Professionals Cite Escalating Security Vulnerabilities and Operational Issues; Say Securing the Browser is an Administrative Nightmare.
Visa Launches Online Toolkit to Educate Business Owners on Benefits of Chip Technology
This new resource provides tips and training for merchants seeking a seamless transition to chip-enabled card readers
Kaspersky Lab Reports Malicious Attack Increase in Q1 IT Threat Evolution Report
The Company Reflects on Monumental Cyber Threat Discoveries Reported During the Quarter
NH-ISAC, THE NATIONAL HEALTH ISAC, SELECTS SOLTRA EDGE TO STANDARDIZE THREAT INTELLIGENCE PLATFORM
Becomes The Second ISAC to Leverage the Solution to Strengthen
Cyber Threat Intelligence Capabilities with Soltra
Issuers Forecast U.S. Shift to Chip Cards To Be Nearly Complete by 2017
New Payments Security Task Force Survey Notes Accelerated Move Toward More Secure Technology
Facebook Adopts RiskIQ To Stop Malvertising
Protects More than One Billion Users from Malicious Ads
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
