Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
eIQnetworks Extends Security, Compliance Management To The Cloud
New features within security and compliance management platform SecureVue helps organizations identify and manage security concerns within virtualized cloud infrastructures
Seven Big-Name Vendors Pass Liberty Alliance SAML 2.0 Interoperability Testing
Identity products from Entrust, IBM, Microsoft, Novell, Ping Identity, SAP and Siemens meet SAML 2.0 requirements
PandaLabs: U.S. Ranks Ninth In Global PC Infection
Global infection ratio hits all time high this year at nearly 60 percent
Infoblox Targets Service Provider Networks With New DNS Appliance
Infoblox-1852 appliance is the newest member of Infoblox's core network services appliance family
Microsoft, FTC, USPS, Western Union Alert Consumers About Online Financial Scams
Ssearch advertising-driven PSAs will appear on Bing, and will target consumers most vulnerable to these types of Internet crimes
CyberSource Announces Enterprise Payment Security 2.0
Company outlines its approach to the effective protection of payment data
Neurotechnology's VeriEye 2.1 Ranks High In Reliability By NIST Iris Exchange (IREX) Evaluation
Neurotechnology had the fastest overall iris matching algorithm - 25 to 75 times faster than other top ranked competitors
PKWARE Acquired By Group Of Investors
Investment group, led by Novacap Technologies, also includes Maranon Capital, Garrett Investments, and PKWARE executives
Survey: 72% of Enterprises That Hire Outside Security Audits Say It Was A Worthwhile Investment
More than half felt that outside security audits resulted in identification of significant security problems
Survey: Nearly Half Of SMBs Don't Have Way To Filter, Monitor Web Traffic
SMBs are not only lagging their peers, but also underestimating the risks, according to new research by GFI Software
Adobe Joins SAFECode
SAFECode is a global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware, and services
MarkMonitor: Online Drug Brand Abuse is Growing
Latest Brandjacking Index Provides Glimpse into the Economics Fueling Supply and Demand in the Online Pharmaceutical Market
VeriSign Embeds Authentication Into Cisco SA 500 Series Security Appliances
Solutions provide employees with remote access to VPNs while protecting against email account takeover and other Internet threats
ARX Rolls Out Digital Signature Tool For Consumers, Small Businesses
CoSign Desktop provides software and a free digital certificate
Trend Micro To Ship Security Software With ASUS Machines Worldwide
Trend Micro signs OEM agreement with Asus
Layer 7 Unveils Integration Product For Integrating Corporate Apps With Amazon Cloud
New virtual gateway enables secure, reliable Web services integration between the enterprise and Amazon Cloud
Aobo Releases Mac OS X Keylogger 3.0.1
Applications include backup, parental control, employee monitoring
Voltage Enhances Voltage SecureData Data Protection Solution
Adds tokenization and data masking capabilities to existing encryption functionality
VASCO Expands Consulting Services
Practice now includes expertise and sharing of best practices in implementing strong authentication in e-banking and beyond
Dataguise Releases White Paper On Choosing/Deploying Data Masking
Paper answers key questions surrounding the use of data masking to protect sensitive information in production and non-production environments
GlobalPlatform Technology Migrates To Advanced Encryption Standard
GlobalPlatform Secure Channel Protocol 03 defines a new set of cryptographic methods based on AES for the communication between a smart card and an external entity
ViaWest Attains PCI Report On Compliance
ROC certification will assist ViaWest customers in their ability to meet internal and external compliance requirements
Five Tips To Protect Your Business From Online Banking Fraud
Guardian Analytics CEO Terry Austin provides insight on how business owners can safeguard their finances online
Panda Security Expands Channel Partner Benefits
Expansions include enhanced deal and incumbent protection, dedicated training and marketing support, and specialized programs for VARs focused on SMBs
Xceedium Embraces Channel Model
Company turns to a 100% channel-based sales model and enhances channel program
Narus Upgrades NarusInsight
Latest version introduces customizable and extensible monitoring capabilities, powerful analytics, and increased system performance
Damballa Announces Strategic Advisory Board
Board consists of key industry leaders and influencers in IT security
AppGate Names Acting CEO
Hakan Pernsved succeeds Goran Marby
New U.K. Cybersecurity Centre Opens Doors
Centre for Secure Information Technologies to develop systems to be deployed at the core of next-generation computer and telecom networks
Former DHS Cyber Czar Joins Wurldtech's Advisory Board
Greg Garcia will offer guidance on strategic direction, business development, policy advocacy and other initiatives to improve the effectiveness of public-private partnerships
WinMagic, Intel Team On Anti-Theft Technology
By collaborating with Intel on Anti-Theft, WinMagic will combine data protection with tamper-resistant asset protection and theft deterrence
Blancco Data Erasure Software Accepted For Common Criteria Testing
Disk wipe software slated for Evaluation Assurance Level 3+
U.S. District Court Judge Issues First Digitally Signed Judicial Order
Action signals a first for U.S. courts, which, despite widespread use of electronic filing systems, still require handwritten signatures by judges on paper
INTERPOL Selects EDAPS Consortium To Design E-Passport
INTERPOL e-passport will incorporate such security features as laser engraving, an electronic chip, and holographic, micrographic, and optical security elements
VidSys Enhances Physical Security Monitoring
Company unveils dynamic situation management capabilities in newest version of its Physical Security Information Management software
CPU Technology Rolls Out Acalis Sentry Security Server
Solution is a combination of hardware and software used to encrypt embedded applications and configure security features for Acalis CPU872 secure processors
University Of Maryland Adds Database Scanning From Application Security
USMD has deployed AppDetectivePro's agentless database scanning technology for database discovery, vulnerability assessment, user access controls and compliance reporting
VeriSign, TriCipher Offer Stronger Protection For Google Apps
Free solution delivers strong authentication to Google Apps with the option of leveraging a one-time-use password on a mobile phone
U.S. Department Of Education Adopts PGP Encryption
Solutions protect sensitive information while making it easier for mobile users to more securely access IT systems
NitroSecurity Opens APIs
Ecosystem for Security program gives partners access to NitroSecurity's data management engine, which collects, analyzes and retrieves security events in real-time
WireHead, Media Sourcery Offer PKI Service To Infosec Island
IslandPKI Web-based service to provide secure, easy-to-use browser-to-browser messaging and file transfer capabilities
RSA, FirstData Partner In New Secure Transaction Management Service For Merchants
First Data Secure Transaction Management service is engineered to enable merchants to secure payment card data and remove it from their environment while allowing access when needed
Management Of Electronic Records Still Not Taken Seriously: Research
More than one-third of organizations are not confident that their electronic records have not been changed, deleted or inappropriately accessed, according to industry researcher AIIM
Nominum Rolls Out SKYE DNS Cloud Services
SKYE offers a suite of cloud-based services to address infrastructure and new service needs
Cyveillance Disputes Reports Of Phishing Decline
Cyveillance detects 176,864 distinct phishing attacks between June and August 2009, one of the highest three-month totals on record
WhiteHat Rolls Out WhiteHat Sentinel PCI Bundle
WhiteHat Sentinel PCI Bundle combines vulnerability management solutions, customized reporting, and Website security training
General Dynamics To Supply Air Force With "Friend or Foe" Cryptographic Modules For Combat ID
Cryptographic technology is applicable to other combat identification systems, reducing the overall risk of combat fratricide
Andrews International Introduces New Methodology For Reducing Security Costs
New service is based on Andrews' proprietary Security Effectiveness and Efficiency (SEE) methodology
Athena Security, SolarWinds Integrate Firewall, Network Configuration Products
FirePAC now has the capability to show users how rule changes, tracked by Orion NCM, affect exposures to critical assets inside the network
Lumension Unveils Enhanced Compliance, Risk Mangement Product
Lumension Risk Manager automates IT audit workflows, harmonizes controls with policy requirements, and provides greater visibility across IT assets
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
