Why Your Vulnerability Management Processes Isn't Working

Posted by Tal Morgenstern on Mar 21, 2019 7:49:31 AM

It’s the question that plagues every CISO: “Have I done enough?”

First, you’ve convinced your partners in the boardroom that vulnerabilities are a serious matter and increased your security budget. Then, you've managed to create a collaborative relationship between IT and security teams, coordinating code scans and implementing patches. But every now and then it’s important to zoom out at make sure you’re not missing the security forest for the vulnerability trees.

Read More

Topics: vulnerability remediation, vulnerabilities

A History of Vulnerability Management

Posted by Roy Horev on Mar 14, 2019 9:02:15 AM

The number of known vulnerabilities has exploded in recent years. With enterprises using more software solutions, open-source, cloud, Internet of Things, and more, it’s no wonder the increase in security flaws has skyrocketed.

Read More

Topics: vulnerabilities, Cybersecurity

How can Enterprises Stop Failing their Vulnerability Management Teams?

Posted by Roy Horev on Mar 7, 2019 8:33:55 AM

Everyone knows that CISOs are losing sleep over the dangers that vulnerabilities could potentially cause their businesses, and with good reason. But the problem goes beyond the continuous growth in vulnerabilities.

Read More

Topics: vulnerability remediation, vulnerabilities, DevSecOps

Linux Patching - Haven't We Suffered Enough?

Posted by Ortal Keizman on Feb 27, 2019 7:48:30 AM

So, it’s time to patch again. Kind of like getting your flu shots – you know it’s good for you, but nobody likes doing it. Let’s do a quick analysis of the challenges that patching poses to your environment, and some of our recommended coping mechanisms

Read More

Topics: Patching

Why Response is the Most Difficult Part of Vulnerability Management

Posted by Roy Horev on Feb 21, 2019 10:15:00 AM

“If it were easy, everyone would do it.”

With the never-ending headlines of major breaches caused by vulnerabilities, it’s clear that vulnerability management isn’t easy. According to the Ponemon Institute, the average total cost of a breach in 2018 ranged from between  2-7 million dollars, depending on the number of compromised records.

Read More

Topics: vulnerability remediation, vulnerabilities

Vulcan Cyber's Must Attend Events for CISOs in 2019

Posted by Roy Horev on Feb 12, 2019 10:00:00 AM

No matter what IT field you work in, staying on top of the latest technologies and trends is a must, especially in cybersecurity. Just as a good security plan requires continuous monitoring, a good CISO needs continuous learning. A top-notch security conference can be the most efficient and effective way for CISOs to stay current while networking with peers.

Read More

Topics: Cybersecurity

Saving Time and Money with Vulnerability Remediation at Scale

Posted by Roy Horev on Feb 7, 2019 7:21:06 AM

Security and IT teams are currently fighting a flood of software vulnerabilities. In 2018 alone, a record 16,555 were reported. Of these, thousands affected every cloud-native SaaS or enterprise company. Some of these vulnerabilities were only potentially dangerous, but others affected tens of thousands of customers.

Read More

Topics: vulnerability remediation, vulnerabilities

What Really Caused the Equifax Breach?

Posted by Yaniv Bar-Dayan on Jan 31, 2019 9:09:09 AM

 

It's been over a year since the Equifax breach made headline news. But I have the feeling that organizations haven't looked at the Equifax breach as a lesson in what is currently wrong with the cybersecurity industry.

The Equifax breach could have happened to any enterprise. If you don’t agree, you may as well stop reading, because you’re not going to agree with anything that follows.

Read More

Topics: vulnerabilities, Cybersecurity

Patch Management Best Practices for Production Environments

Posted by Roy Horev on Jan 23, 2019 6:49:55 AM

 

On the surface, patch management sounds like a straightforward task. But patching in a production environment means making a change to potentially every device in the enterprise. Let’s take a look at some of the complex challenges of patching production environments and some ways to improve the process.

Read More

Topics: Patching

Secure your Whales

Posted by Natalie Kriheli on Jan 9, 2019 11:03:33 AM

For our day to day product deployment, we use docker containers. Whenever a new piece of code is being shipped to production, our CI/CD process creates several docker images and pushes them to our private registry – standard deployment process.

Read More