Vulnerability Management Worst Practices

Posted by Tal Morgenstern on Jan 3, 2019 7:09:18 AM

Knowing what NOT to do can sometimes be just as helpful as knowing the right thing to do. Oftentimes, CISOs and Vulnerability Managers have plans and practices in place that can actually be making matters worse by focusing on the wrong things. Let’s review some of these mistakes so you can avoid them in your own organization.

Read More

Topics: vulnerability remediation, vulnerabilities

Vulnerability Remediation: Don't Let the Cure be Worse than the Disease

Posted by Tal Morgenstern on Dec 13, 2018 9:45:06 AM

By now, everybody knows that vulnerabilities that aren't remediated properly could pose a serious threat to the enterprises environment.The data breach experienced by Equifax last year exemplifies the impacts that can occur to a business that fails to remediate. However, we cannot ignore the other side of the coin – when remediation steps ARE applied they can cause significant damage and downtime in their own right.

Read More

Topics: vulnerability remediation

The Staggering Growth in Vulnerability Disclosures, 2010 - 2018

Posted by Tal Morgenstern on Dec 5, 2018 10:11:58 AM

With the end of the year, it’s prime time to reflect on vulnerability trends since the start of the decade.

Read More

Topics: vulnerabilities, vulnerability remediation

Looking Back - Top Vulnerabilities of 2018

Posted by Tal Morgenstern on Nov 15, 2018 9:47:44 AM

However you flip the number of recorded vulnerabilities in a given year, the number is at once humbling and noteworthy. We know that both actions – remediating all vulnerabilities and prioritizing a high-severity security flaw in a little-used, low-value system over a medium-severity security hole in a mission-critical system – leave your company’s most important assets exposed.

Read More

Topics: vulnerabilities, vulnerability remediation

Vulnerability Intelligence – What, Where and How?

Posted by Tal Morgenstern on Oct 25, 2018 7:36:30 AM

A key part of any risk assessment framework, vulnerability intelligence enables organizations to consider the broader picture when assessing a given vulnerability or set of vulnerabilities. Vulnerability intelligence providers consolidate data from multiple sources – both external and internal – and then offer a contextualized assessment of organizational risk. This can drastically tip the scales in your favor when facing mitigation or remediation.

Read More

Topics: vulnerabilities, vulnerability remediation

Vulnerability Assessment, Management, and Remediation: Understanding the Differences

Posted by Yaniv Bar-Dayan on Oct 4, 2018 9:36:38 AM

 

As a CISO or Security Manager, you understand your organization’s need to remain one step ahead of cybercriminals searching for gaps in your security posture. The market is flooded with solutions for dealing with vulnerabilities and the challenge continues to be understanding the ways to best prioritize and manage the vulnerabilities. But first, to keep your organization safe, it’s imperative that you understand the differences between the three main types of security solutions: vulnerability assessment, vulnerability management, and vulnerability remediation tools.

Read More

Topics: vulnerability remediation, vulnerabilities

Five Steps to Lower Cyber Risk with Better Vulnerability Management

Posted by Roy Horev on Sep 13, 2018 9:54:51 AM

 

In its 2018 “Global Risks Report,” the World Economic Forum – a prominent international policy think-tank – ranked cyber threats just below extreme weather events and natural disasters.

Read More

Topics: Cybersecurity, vulnerability remediation, Patching

Putting Meltdown and Spectre in Perspective, Six Months Later

Posted by Tal Morgenstern on Aug 14, 2018 9:19:49 AM

 

For several months in early 2018, you could not open a browser without seeing news about Spectre and Meltdown – the variants of a vulnerability built in to just about every computer chip on the planet. Discovered in late 2017 by researcher Michael Schwarz at Graz University of Technology in Austria, Spectre and Meltdown actually comprise three vulnerabilities (CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754).

Read More

Topics: vulnerability remediation, Meltdown and Spectre

Always Brush Your Digital Teeth: Why You Should Maintain Good Cyber Hygiene

Posted by Yaniv Bar-Dayan on Aug 1, 2018 8:00:30 AM

 

With proper cyber hygiene, you can control IT processes - rather than being controlled by endless (and unhygienic) vulnerabilities.

Read More

Topics: vulnerabilities, vulnerability remediation

How to Start the Transition from Risk Management to Vulnerability Remediation

Posted by Tal Morgenstern on Jul 24, 2018 6:37:36 AM

Just five years ago, the vulnerability landscape looked markedly different. There were fewer vulnerabilities to patch and risk was far lower - since most systems were still on-premise and the overall cyber-threat climate was calmer.

Read More

Topics: vulnerability remediation