Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Pritesh Parekh

VP & Chief Security Officer, Zuora

News & Commentary Posts: 2

Pritesh Parekh is the VP & CSO of Zuora. He has over 15 years of experience in building and managing enterprise security programs, and a decade of leading security for cloud platforms. Prior to joining Zuora, Parekh was leading worldwide Security and Compliance for ServiceNow. He is a frequent speaker and panelist at security conferences and quoted in the press as a subject matter expert for the BITS Shared Assessment & Cloud Development group. Parekh was a top finalist for the ISE North America 2015 award (Information Security Executive of the year) and is nominated for the CSO of the Year for SC Awards 2016.

Articles by Pritesh Parekh

View Content By Month

How Secure is Secure? Tips For Investing In The Right Strategy

6/17/2016
Business alignment, defense-in-depth and a phased approach are three principles to follow when building out a solid security program.
Post a Comment

IoT Security Checklist: Get Ahead Of The Curve

3/3/2016
The security industry needs to take a Consumer Reports approach to Internet of Things product safety, including rigorous development practices and both physical and digital testing.
Post a Comment

Hot Topics

Editors' Choice

Microsoft, Mastercard Aim to Change Identity Management

Kelly Sheridan, Staff Editor, Dark Reading, 12/3/2018

Windows 10 Security Questions Prove Easy for Attackers to Exploit

Kelly Sheridan, Staff Editor, Dark Reading, 12/5/2018

Starwood Breach Reaction Focuses on 4-Year Dwell

Curtis Franklin Jr., Senior Editor at Dark Reading, 12/5/2018

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

TitaniumCloud File Intelligence vs. VirusTotal

The SOAR Buyer's Guide

Edge Expander

Outsmart Malware

Investigating Malware Threats Within your Network

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: I guess this answers the question: who's watching the watchers?

Cartoon Archive

Current Issue

10 Best Practices That Could Reshape Your IT Security Department

This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Using IT Threat Intelligence

Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.

Download Now!

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-10008
PUBLISHED: 2018-12-10

A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended...

CVE-2018-10008
PUBLISHED: 2018-12-10

An information exposure vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the duration of the build using the workspace br...

CVE-2018-10008
PUBLISHED: 2018-12-10

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jen...

CVE-2018-10008
PUBLISHED: 2018-12-10

A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.

CVE-2018-10008
PUBLISHED: 2018-12-10

A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy san...

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]