DevSecOps: The Importance of Building Security from the Beginning
3/9/2018Here are four important areas to tackle in order to master DevSecOps: code, privacy, predictability, and people.
Post a Comment
Author
Profile of Robert Hawk
Privacy & Security Lead at xMatters Member Since: 2/7/2018Author
News & Commentary Posts: 2
Comments: 1
Robert Hawk is Privacy & Security Lead at xMatters. He has extensive experience in information systems security, computer security, cybersecurity, information assurance, as well as governance, risk, and compliance (GRC) management. He specializes in frameworks and standards from ISO/IEC, NIST, IEEE, IETF, ITU-T, Common Criteria, AMI-SEC, NERC, CIS, DoD, ANSI, PCI, and ISECOM. Robert is a lifelong researcher, innovator, and instructor.
Articles by Robert Hawk
Here are four important areas to tackle in order to master DevSecOps: code, privacy, predictability, and people.
Post a Comment
From DevOps to DevSecOps: Structuring Communication for Better Security
2/15/2018A solid approach to change management can help prevent problems downstream.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-6700
PUBLISHED: 2018-09-24
PUBLISHED: 2018-09-24
PUBLISHED: 2018-09-24
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
From DHS/US-CERT's National Vulnerability Database CVE-2018-6700
PUBLISHED: 2018-09-24
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.
CVE-2018-15615PUBLISHED: 2018-09-24
A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.
CVE-2018-6682PUBLISHED: 2018-09-24
Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site.
CVE-2018-17368PUBLISHED: 2018-09-23
An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
CVE-2018-17369PUBLISHED: 2018-09-23
An issue was discovered in springboot_authority through 2017-03-06. There is stored XSS via the admin/role/edit roleKey, name, or description parameter.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This