CIS Control 07: Continuous Vulnerability Management

When it comes to cybersecurity, vulnerability management is one of the older technologies that still play a critical role in securing our assets. It is often overlooked, disregarded, or considered only for checkbox compliance needs, but a proper vulnerability management program can play a critical role in avoiding a series data breach. CIS Control 07 […]

Continue Reading

Corporate attack surface exploding as a result of remote work

74% of organizations attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place during the pandemic. The data is drawn from a study of more than 1,300 security leaders, business executives and remote employees conducted by Forrester Consulting. From cloud services and applications to personal devices and remote access tools, the corporate attack surface […]

Continue Reading

The complexities of vulnerability remediation and proactive patching

In this interview with Help Net Security, Eran Livne, Director, Product Management, Endpoint Remediation at Qualys, discusses vulnerability remediation complexity, the challenges related to proactive patching, as well as Qualys Patch Management. What makes vulnerability remediation a complex task? Most vulnerability remediation involves multiple teams and processes – first, a scanning tool identifies vulnerabilities, and […]

Continue Reading

Vulnerability management is facing three core problems: Here’s how to solve them

The COVID-19 pandemic has placed enormous stress on information security professionals. A threat landscape that was already growing more complex by the minute now presents an even more fearsome challenge, as cybersecurity budgets are strained, and millions of workers have shifted to telecommuting on a full- or part-time basis. Where are organizations going wrong in […]

Continue Reading

Vulnerability Scanning vs. Penetration Testing

It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing, on its own, cannot secure the entire network. Both are important at their respective levels, needed in cyber risk analysis, and are required by standards such as PCI, […]

Continue Reading

Microsoft Defender for Endpoint now detects jailbroken iOS devices

Microsoft has announced new and improved capabilities for enterprise security teams that use Microsoft Defender for Endpoint on Android and iOS and Microsoft threat and vulnerability management APIs. Mobile device protection Microsoft Defender for Endpoint – a cloud-powered enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats […]

Continue Reading