Enhance security posture: 4 key approaches to manage vulnerabilities

Cloud native application development is surging across businesses, along with the adoption of public cloud infrastructure and services. This progress has led to a growing set of challenges for security: as organizations expand their use of cloud native technologies, the complexity of these environments continues to grow, significantly increasing the attack surface. This added risk has not stopped the adoption but is making scaling and maintenance increasingly difficult, especially as teams have been moving more…

Automation alone isn’t enough to patch vulnerabilities — Here’s why

While the future is hard to predict, we can count on two things about the cybersecurity landscape in 2025. First: cyberattacks are growing in volume as bad actors continue to diversify their methodologies. Second: the cost of exploits is increasing. Impacts of cyberattacks are expanding beyond financial losses, impacting the daily operations of critical services including healthcare and travel. Organizations need to consider how they approach patching as vulnerabilities increase in volume and complexity and…

Open source software vulnerabilities found in 86% of codebases

Black Duck has released its annual Open Source Security and Risk Analysis (OSSRA) report, analyzing 1,658 examinations of 965 commercial codebases within 16 industries. According to the findings, 86% of codebases had open source software vulnerabilities while 81% had high- or critical-risk vulnerabilities. Furthermore, the average application in 2024 had triple the number of open source files of the average application in 2020, with 5,300 in 2020 and more than 16,000 in 2024. Below, Mike…

Cybersecurity risks organizations need to address this year

As organizations navigate a new year, they face a fundamental truth: traditional perimeter-based security has failed. The modern enterprise isn’t defined by its devices and users but by its digital assets — the crown jewels that power operations and drive value. Yet most security approaches remain stuck in an outdated paradigm, focusing on protecting devices and user accounts while overlooking the dynamic web of service accounts, APIs and machine identities that actually access and manage…

Vulnerability management simplified: The core essentials

In light of today’s evolving threat landscape and high-profile cybersecurity breaches, organizations are facing growing pressure to strengthen their security foundations. These incidents highlight the urgent need for proactive strategies to address vulnerabilities in applications, infrastructure and data. CISOs and security teams can take action now to prepare for potential threats, focusing on a few essential priorities.

Strengthening foundational security measures to reduce exposure and improve resilience

It all starts with assets. What are you…

The path to reducing software vulnerabilities leads to AI

Tool proliferation has created a data volume challenge that is making it harder than ever to understand the security risks that really matter, which in turn makes it harder to secure the software development and deployment lifecycle. As threats continue to mount, this challenge will only get worse unless there is a better way of separating relevant risks from the background noise. Fortunately, AI now offers a solution.

Data, data, and more data

Cybersecurity threats…

New honeypot techniques for addressing targeted attacks

Automated at-scale attack campaigns now represent the vast majority of online threats, and are starting to blend together with targeted attacks. As the number of these attacks increases, so does the cyber risk for organizations. Unfortunately, the most common approaches to defense — including vulnerability management, phishing awareness, signature-based network and endpoint detection — are neither effective nor efficient in addressing these kinds of attacks because traditional third-party threat intelligence cannot provide adequate targeted…

Understanding the impact of the NIST NVD backlog on MSPs

Since February 2024, the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD) has encountered delays in processing vulnerabilities. This backlog, caused by factors such as software proliferation, budget cuts and changes in support, has significant implications for managed service providers (MSPs).

Budget cuts and increased vulnerabilities

NIST, an agency within the United States Commerce Department, saw its budget cut by nearly 12% this year. For over 20 years, the NVD has been…

Financial consequences of ignoring security debt in 2024

For years, large organizations have leaned on the assurances provided by their software suppliers’ certifications such as SOC 2 and ISO 27001, assuming certifications meant that vendors’ security measures were up to par. However, due to a recent shift in hackers’ focus, the spotlight is now turned towards the software supply chain. If it wasn’t crystal clear, then it is now: vendors’ vulnerabilities aren’t just theirs — they’re yours too. What might have once seemed like…

Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics

Most IT and security teams would agree that ensuring endpoint security and network access security applications are running in compliance with security policies on managed PCs should be a basic task. Even more basic would be ensuring these applications are present on devices. And yet, many organisations still fail to meet these requirements. A new report from Absolute Security, based on anonymised telemetry from millions of mobile and hybrid PCs that run its firmware-embedded solution,…
