Saving Time and Money with Vulnerability Remediation at Scale

Posted by Roy Horev on Feb 7, 2019 7:21:06 AM

Security and IT teams are currently fighting a flood of software vulnerabilities. In 2018 alone, a record 16,555 were reported. Of these, thousands affected every cloud-native SaaS or enterprise company. Some of these vulnerabilities were only potentially dangerous, but others affected tens of thousands of customers.

Read More

Topics: vulnerability remediation, vulnerabilities

What Really Caused the Equifax Breach?

Posted by Yaniv Bar-Dayan on Jan 31, 2019 9:09:09 AM

 

It's been over a year since the Equifax breach made headline news. But I have the feeling that organizations haven't looked at the Equifax breach as a lesson in what is currently wrong with the cybersecurity industry.

The Equifax breach could have happened to any enterprise. If you don’t agree, you may as well stop reading, because you’re not going to agree with anything that follows.

Read More

Topics: vulnerabilities, Cybersecurity

Vulnerability Management Worst Practices

Posted by Tal Morgenstern on Jan 3, 2019 7:09:18 AM

Knowing what NOT to do can sometimes be just as helpful as knowing the right thing to do. Oftentimes, CISOs and Vulnerability Managers have plans and practices in place that can actually be making matters worse by focusing on the wrong things. Let’s review some of these mistakes so you can avoid them in your own organization.

Read More

Topics: vulnerability remediation, vulnerabilities

Vulnerability Trends to Watch Out for in 2019

Posted by Roy Horev on Dec 20, 2018 7:51:53 AM

Trends in vulnerabilities and threats evolve as the technology landscape changes. The vulnerability landscape has changed tremendously over the last couple of years which has prompted many organizations to question whether their current methodologies for vulnerability management are sustainable moving forward.

Read More

Topics: vulnerabilities

The Staggering Growth in Vulnerability Disclosures, 2010 - 2018

Posted by Tal Morgenstern on Dec 5, 2018 10:11:58 AM

With the end of the year, it’s prime time to reflect on vulnerability trends since the start of the decade.

Read More

Topics: vulnerability remediation, vulnerabilities

Looking Back - Top Vulnerabilities of 2018

Posted by Tal Morgenstern on Nov 15, 2018 9:47:44 AM

However you flip the number of recorded vulnerabilities in a given year, the number is at once humbling and noteworthy. We know that both actions – remediating all vulnerabilities and prioritizing a high-severity security flaw in a little-used, low-value system over a medium-severity security hole in a mission-critical system – leave your company’s most important assets exposed.

Read More

Topics: vulnerability remediation, vulnerabilities

Vulnerability Metrics - Which Matter and Which Don't

Posted by Roy Horev on Nov 1, 2018 1:39:51 PM

The best way to share information about the risks associated with vulnerabilities is via quantifying these risks – i.e. metrics. The question is, which metrics? In order to communicate a cohesive vulnerability narrative, in this post we’ve grouped some of the more common metrics – with the aim of helping you leverage the most useful ones, and steer clear of those that are not.

Read More

Topics: vulnerabilities

Vulnerability Intelligence – What, Where and How?

Posted by Tal Morgenstern on Oct 25, 2018 7:36:30 AM

A key part of any risk assessment framework, vulnerability intelligence enables organizations to consider the broader picture when assessing a given vulnerability or set of vulnerabilities. Vulnerability intelligence providers consolidate data from multiple sources – both external and internal – and then offer a contextualized assessment of organizational risk. This can drastically tip the scales in your favor when facing mitigation or remediation.

Read More

Topics: vulnerability remediation, vulnerabilities

A Closer Look at Vulnerability Disclosure Policies

Posted by Roy Horev on Oct 17, 2018 4:48:34 AM

 

While technology companies aim to ensure that their products are watertight, the fact of the matter is that security vulnerabilities are discovered. But how they deal with these discoveries varies considerably.

The question is: should technology vendors keep vulnerabilities quiet or make them known?

Read More

Topics: vulnerabilities

Taking a Risk Based Approach to Vulnerability Management

Posted by Roy Horev on Oct 11, 2018 7:02:54 AM

The question of remediating every single vulnerability is moot. Given the massive amounts of vulnerabilities being disclosed every month, it’s logistically and organizationally unfeasible. At the enterprise level, even the largest IT team simply can’t handle all the vulnerabilities out there – nor, in truth do they need to.

Read More

Topics: vulnerabilities