Why I Took the Equifax Breach Slides out of Our Sales Deck

Posted by Yaniv Bar-Dayan on Jan 31, 2019 9:09:09 AM

 

It's been over a year since the Equifax breach made headline news. But I have the feeling that organizations haven't looked at the Equifax breach as a lesson in what is currently wrong with the cybersecurity industry.

The Equifax breach could have happened to any enterprise. If you don’t agree, you may as well stop reading, because you’re not going to agree with anything that follows.

Read More

Topics: vulnerabilities, Cybersecurity

Easing the Pain of Patching in Production Environments

Posted by Roy Horev on Jan 23, 2019 6:49:55 AM

 

On the surface, patch management sounds like a straightforward task. But patching in a production environment means making a change to potentially every device in the enterprise. Let’s take a look at some of the complex challenges of patching production environments and some ways to improve the process.

Read More

Topics: Patching

Secure your Whales

Posted by Natalie Kriheli on Jan 9, 2019 11:03:33 AM

For our day to day product deployment, we use docker containers. Whenever a new piece of code is being shipped to production, our CI/CD process creates several docker images and pushes them to our private registry – standard deployment process.

Read More

Vulnerability Management Worst Practices

Posted by Tal Morgenstern on Jan 3, 2019 7:09:18 AM

Knowing what NOT to do can sometimes be just as helpful as knowing the right thing to do. Oftentimes, CISOs and Vulnerability Managers have plans and practices in place that can actually be making matters worse by focusing on the wrong things. Let’s review some of these mistakes so you can avoid them in your own organization.

Read More

Topics: vulnerability remediation, vulnerabilities

Security and DevOps: Getting them to Work Together

Posted by Roy Horev on Dec 27, 2018 9:39:40 AM

DevOps has revolutionized the pace at which new iterations of applications are released to meet the needs of customers. By nature, security teams are focused on securing company assets and data, which others may see as a roadblock to productivity. The tension between these two groups can sometimes be palpable.

Read More

Topics: DevSecOps, Cybersecurity

Vulnerability Trends to Watch Out for in 2019

Posted by Roy Horev on Dec 20, 2018 7:51:53 AM

Trends in vulnerabilities and threats evolve as the technology landscape changes. The vulnerability landscape has changed tremendously over the last couple of years which has prompted many organizations to question whether their current methodologies for vulnerability management are sustainable moving forward.

Read More

Topics: vulnerabilities

Vulnerability Remediation: Don't Let the Cure be Worse than the Disease

Posted by Tal Morgenstern on Dec 13, 2018 9:45:06 AM

By now, everybody knows that vulnerabilities that aren't remediated properly could pose a serious threat to the enterprises environment.The data breach experienced by Equifax last year exemplifies the impacts that can occur to a business that fails to remediate. However, we cannot ignore the other side of the coin – when remediation steps ARE applied they can cause significant damage and downtime in their own right.

Read More

Topics: vulnerability remediation

The Staggering Growth in Vulnerability Disclosures, 2010 - 2018

Posted by Tal Morgenstern on Dec 5, 2018 10:11:58 AM

With the end of the year, it’s prime time to reflect on vulnerability trends since the start of the decade.

Read More

Topics: vulnerabilities, vulnerability remediation

Looking Back - Top Vulnerabilities of 2018

Posted by Tal Morgenstern on Nov 15, 2018 9:47:44 AM

However you flip the number of recorded vulnerabilities in a given year, the number is at once humbling and noteworthy. We know that both actions – remediating all vulnerabilities and prioritizing a high-severity security flaw in a little-used, low-value system over a medium-severity security hole in a mission-critical system – leave your company’s most important assets exposed.

Read More

Topics: vulnerabilities, vulnerability remediation

Vulnerability Metrics - Which Matter and Which Don't

Posted by Roy Horev on Nov 1, 2018 1:39:51 PM

The best way to share information about the risks associated with vulnerabilities is via quantifying these risks – i.e. metrics. The question is, which metrics? In order to communicate a cohesive vulnerability narrative, in this post we’ve grouped some of the more common metrics – with the aim of helping you leverage the most useful ones, and steer clear of those that are not.

Read More

Topics: vulnerabilities