September 19, 2017 The Telltale Text File: Security Researcher Proposes Standardization for Reporting Vulnerabilities 2 min read - Security researcher Ed Foudil proposed adding a security.txt to every website to standardize the process of reporting vulnerabilities.
Advanced Threats September 14, 2017 Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet 5 min read - IBM X-Force reported a downward trend in publicly available exploit code, but security teams must still prioritize vulnerability and patch management.
September 6, 2017 Little-Known PDF Flaw Creates Crashing Concerns 2 min read - A little-known PDF flaw in a parsing library that was originally discovered six years ago is also present in many contemporary and popular file viewers.
Application Security August 21, 2017 Three Practical Tips That Empower Developers and Prevent Open Source Security Risks From Entering Your Code 4 min read - There are many benefits to developing software using open source code, but these components can also introduce vulnerabilities into your code.
August 15, 2017 PostgreSQL Database Management System Patches Password Flaws 2 min read - PostgreSQL developers announced a round of patches to address more than 50 bugs and three vulnerabilities in the popular database management system.
Risk Management August 10, 2017 Eight Myths Not to Believe About Penetration Testing 3 min read - Penetration testing can help organizations across all industries identify vulnerabilities before cybercriminals have a chance to exploit them.
Risk Management August 9, 2017 Assessing Risks and Remediating Threats With a Layered Approach to Vulnerability Management 4 min read - For many companies, vulnerability management still amounts to an ongoing game of whack-a-mole to identify and remediate threats.
August 4, 2017 DOJ Issues Framework for Vulnerability Disclosure Programs 2 min read - The Department of Justice (DOJ) offered guidance on vulnerability disclosure programs, which will assist organizations in navigating legal issues.
Network July 20, 2017 The Living Dead: How to Protect Legacy Systems 2 min read - When patching legacy systems is simply not an option, security teams must take steps to minimize the risks associated with outdated software.
July 17, 2017 Everlasting Issue? EternalBlue Scanning Apps Find 50,000 Susceptible Systems 2 min read - A new scanning app found that more than 50,000 systems across the world are still vulnerable to the EternalBlue exploit, despite a patch being available.