Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Spikes Security Introduces Isla, Web Malware Isolation System
Isla Appliances Work Transparently With All Modern Browsers, Securing Local and Remote Users on All Platforms, Including Windows, OSX, Linux, Android, iOS, and Blackberry
Startup Virtru Supporting Sensitive Work of Nonprofits
Secure, End-to-End Email Encryption Provides Nonprofits With the Ability to Share Sensitive Information, Fostering Collaboration, Convenience and Compliance
Checkmarx Receives $84 Million Investment From Insight Venture Partners to Further Accelerate Growth
HONEYWELL & INTEL TEAM UP ON CRITICAL INFRASTRUCTURE & INDUSTRIAL IOT
Intel Security Technologies to be Included in Honeywell’s Industrial Cyber Security Solutions for Process Control
Waratek Makes Apps Self-Testing and Self-Protecting
AppSecurity for Java Product Uses Outputs from Leading Application Security Testing Tools to Virtually Patch Flaws without Any Code Changes
Survey Shows Insider Threats on the Rise: Organizations Experience an Average of 3.8 Attacks per Year
Survey by Crowd Research Partners Shows Endpoints Are by Far the Most Common Launch Point for an Insider Attack; Highlights Need for Robust Endpoint Security and Policies
Tanium Unveils New Forensics Capability For Incident Response
New innovation within industry-leading platform dramatically accelerates investigations across millions of endpoints in seconds; only platform to bridge Security and IT Operations for closed-loop endpoint security
CENTRI Joins Cloud Security Alliance
Data Security Software Provider to Contribute Expertise on Data Encryption and Optimization with CSA Activities
Survey: Most Enterprises Don't Fix 60 Percent of Security Vulnerabilities
More than half take three Months to remediate flaws, according to a joint survey by Waratek at Gartner Security and Risk Management Summit
Survey: 86 Percent of Energy Security Professionals Believe They Can Detect a Breach on Critical Systems in Less Than One Week
Tripwire survey compares cybersecurity views of 400 energy executives and IT professionals
Most Enterprises Do Not Fix 60 Percent of Security Vulnerabilities they Discover
More than half take Three Months or More to Remediate Flaws According to Survey Conducted by Waratek at Gartner Security and Risk Management Summit
Skyhigh Cloud Report: Average Healthcare Organization Uploads 6.8 TB of Data Per Month
Analysis is Based on Actual Usage Data for Over 1.6 Million Employees at Healthcare Providers and Payers
Fidelis Cybersecurity Survey Shows Lack of Trust, Limited Visibility and Knowledge Gap between the Board and IT Security Professionals
New survey from Ponemon Institute and Fidelis underscores how the divide adds risk against advanced threats
HackerOne Raises $25 Million to Make the Internet Safer
New Enterprise Associates leads Series B financing with participation from existing investors including Benchmark and additional investment from Yuri Milner, Marc Benioff, Drew Houston and Jeremy Stoppelman
ProtectWise Appoints Former Commander Of Army Cyber Command To Advisory Board
Lieutenant General Rhett A. Hernandez, U.S. Army (Retired) Named Company's First Strategic Advisor
Pulse Secure Appoints Sudhakar Ramakrishna as Chief Executive Officer and Board Member
Former Citrix SVP and GM Brings Nearly 25 Years of Strategy, Business Management and Team Building Experience
Moving Towards Secure PHI In The Cloud, Prescription Savings Company Adopts Managed Encryption Services
Rx Savings Solutions blends FireHost’s secure managed cloud and encryption service based on Vormetric technology to protect ePHI, comply with HIPAA
DigiCert Acquires Verizon Enterprise SSL Business
Growing roster of enterprises to benefit from industry-leading certificate management services; Verizon to continue to offer SSL Certificates as DigiCert reseller
SRI International Releases New Game for DARPA Crowd-Sourced Software Verification Program
Citizen scientists interested in cybersecurity can now play Binary Fission
at www.verigames.com
Malwarebytes Acquires Junkware Removal Tool
Acquisition of popular security tool reinforces Malwarebytes’ commitment to fighting against potentially unwanted programs (PUPs)
MAKING HACKERS OBSOLETE BY MAKING DATA INACCESSIBLE
Cybersecurity Firm Provides Retroactive Security by Removing Access to Email and Files Even after They Have Left a Company’s Network
Vera Secures Files with Microsoft Office 365
Create Documents with Office 365, Store in OneDrive, Dropbox, or Box, and Secure with Vera
Strong Encryption, Granular Access Policies, and a Built-In Kill Switch for All Office Files No Matter Where They Are Stored
Latest Research Highlights Growing Insider Threat in Cybersecurity Landscape
The Insider Threat Spotlight Report, sponsored by Watchful Software, calls attention to major threat/risk vector and potential lack of preparedness for data breach.
EiQ Networks Leverages Critical Security Controls to Deliver Proactive Compliance Management
First Solution to Map SANS Critical Security Controls to Compliance Frameworks for Improved Security
Pindrop Security Reveals Financial and Retail Institution Call Centers See 30 Percent Rise in Phone Fraud
Consumers receiving more than 86.2 million phone scam calls per month in U.S.
Cyber-Security Startup Ensilo Announces $10m Funding For Preventing Threat Actors From Extracting Key Data In Real-Time
Series A Funding from Lightspeed Venture Partners and Carmel Ventures Will Enable enSilo’s Data-Exfiltration Prevention Approach to Expand in the US Market
Fastly Adds Key Enterprise Security Leadership
Window Snyder, Security Veteran of Apple, Mozilla, and Microsoft, Joins Growing Cloud Infrastructure Company
Acuant Survey: Companies Look to the Cloud for Better Information Capture, Verification and Collaboration
Identity verification lags even as 84% consider it ‘critical’ or ‘very important’ in the card scanning process
vArmour Offers New vArmour DSS-VFree, Downloadable Application-Level Visibility Solution
vArmour empowers IT professionals to visualize complex applications in virtual and cloud environments
Dataguise Introduces Big Data Security Suite for On-Premise and Cloud Deployments
Company Delivers DgSecure 5.0 to Provide Insight and Access to Different Sensitive Data Classifications
EY escalates battle against cybercrime with launch of managed security operations center
EY to invest more than US$20m in its Managed Security Operations Center, increasing its cybersecurity workforce six-fold by 2020
New Center to use advanced analytics to predict and prevent future cyber threats
New Study Shows How Strategic, Or Not, Security Is To Chief Execs
While most C-Level executives are sure their infrastructure is safe, many more admit that better security will only come with enhanced visibility into the network
Entrust Datacard Integrates with Citrix Mobility Solution to Empower Mobile
Integration between Entrust IdentityGuard authentication and credential management capabilities with XenMobile enable secure anytime-anywhere productivity for the mobile workforce
Tenable Extends Capabilities to Assure Security Across Complex IT Environments
Additional coverage for Mac OS X and Linux helps Tenable customers further reduce the attack surface and strengthen system visibility on portable devices and other hard-to-scan assets.
Tenable Network Security Extends Capabilities of Nessus Agents
Additional coverage for Mac OS X and Linux helps Tenable customers further reduce the attack surface and strengthen system visibility on portable devices and other hard-to-scan assets
SOPHOS ADDS EMAIL SECURITY TO ITS CLOUD SECURITY PORTFOLIO
Acquisition of Reflexion Networks delivers effective and easy-to-use email security via the cloud.
New Survey Reveals Limited Enterprise Ability to Respond to Attacks on the Trust Provided by Keys and Certificates
RSA Survey of Nearly 850 IT Security Professionals Finds They Don’t Know How to Detect and Respond to Key and Certificate Vulnerabilities
Ping Identity Announces Enhanced Partner Program to Strengthen Security in a Borderless World
Program Offers Partners Opportunity to Capitalize on Rapid Growth of Predicted $18 Billion Identity Access Management Market
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
