vulnerability management

The path to reducing software vulnerabilities leads to AI

Posted on by Admin
The path to reducing software vulnerabilities leads to AI

Tool proliferation has created a data volume challenge that is making it harder than ever to understand the security risks that really matter, which in turn makes it harder to secure the software development and deployment lifecycle. As threats continue to mount, this challenge will only get worse unless there is a better way of separating relevant risks from the background noise. Fortunately, AI now offers a solution Data, data, and more data Cybersecurity threats…

Read More

New honeypot techniques for addressing targeted attacks

Posted on by Admin
New honeypot techniques for addressing targeted attacks

Automated at-scale attack campaigns now represent the vast majority of online threats, and are starting to blend together with targeted attacks. As the number of these attacks increases, so does the cyber risk for organizations.   Unfortunately, the most common approaches to defense — including vulnerability management, phishing awareness, signature-based network and endpoint detection — are neither effective nor efficient in addressing these kinds of attacks because traditional third-party threat intelligence cannot provide adequate targeted…

Read More

Understanding the impact of the NIST NVD backlog on MSPs

Posted on by Admin
Understanding the impact of the NIST NVD backlog on MSPs

Since February 2024, the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD) has encountered delays in processing vulnerabilities. This backlog, caused by factors such as software proliferation, budget cuts and changes in support, has significant implications for managed service providers (MSPs). Budget cuts and increased vulnerabilities NIST, an agency within the United States Commerce Department, saw its budget cut by nearly 12% this year. For over 20 years, the NVD has been…

Read More

Financial consequences of ignoring security debt in 2024

Posted on by Admin
Financial consequences of ignoring security debt in 2024

For years, large organizations have leaned on the assurances provided by their software suppliers’ certifications such as SOC 2 and ISO27001, assuming certifications meant that vendors’ security measures were up to par. However, due to a recent shift in hackers focus the spotlight is now turned towards the software supply chain. If it wasn’t crystal clear, then it is now: vendors’ vulnerabilities aren’t just theirs — they’re yours too. What might have once seemed like…

Read More

Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics

Posted on by Admin
Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics

Most IT and security teams would agree that ensuring endpoint security and network access security applications are running in compliance with security policies on managed PCs should be a basic task. Even more basic would be ensuring these applications are present on devices. And yet, many organisations still fail to meet these requirements. A new report from Absolute Security, based on anonymised telemetry from millions of mobile and hybrid PCs that run its firmware-embedded solution,…

Read More

Misconfigurations drive 80% of security exposures

Posted on by Admin
Misconfigurations drive 80% of security exposures

A report from XM Cyber analyzes more than 40 million exposures in order to provide a thorough understanding of the current exposure landscape. The report found that 80% of exposures are caused by identity and credential misconfigurations. Out of these exposures, one-third of them put critical assets at risk of a breach. According to the report, a majority of the exposure is within an organization’s active directory, a critical component for connecting users to network…

Read More

Benefits of Ingesting Data from Amazon Inspector into Cisco Vulnerability Management

Posted on by Admin
Benefits of Ingesting Data from Amazon Inspector into Cisco Vulnerability Management

Co-authored by Tejas Sheth, Sr. Security Specialist, Amazon Web Services – AISPL. Risk-based Vulnerability Management (RBVM) represents a strategic approach to cyber security that focuses on identifying and prioritizing vulnerabilities based on the potential risk they pose to an organization. This approach builds upon traditional vulnerability management, which often involves scanning for and patching all vulnerabilities without considering their actual impact on the business. In RBVM, vulnerabilities are evaluated based on factors like the criticality…

Read More

Enhanced Cybersecurity with Cisco Secure Endpoint and Vulnerability Management

Posted on by Admin
Enhanced Cybersecurity with Cisco Secure Endpoint and Vulnerability Management

Organizations these days face the daunting challenge of effectively prioritizing and responding to security risks and incidents. The combination of Cisco Secure Endpoint and Cisco Vulnerability Management form a powerful automated solution, enabling you to detect, prioritize and manage endpoint vulnerabilities, beginning with the most severe ones. There are two integrations available to help address critical aspects of security, both pre- and post-incident, which not only enhance incident response, but also fortify preventative measures. Post-Incident:…

Read More

Using Data Connectors for a Consolidated View of Risk in Cisco Vulnerability Management   

Posted on by Admin
Using Data Connectors for a Consolidated View of Risk in Cisco Vulnerability Management   

Protecting your organization against cyber threats is a top priority. It’s no secret that data breaches and security vulnerabilities can wreak havoc on businesses. The key to safeguarding your organization? Understanding your risk landscape and taking proactive measures to protect your assets. In this blog post, we’ll dive into Cisco Vulnerability Management’s ability to ingest asset, vulnerability, and fix data from third-party security tools, providing you with a centralized view of risk for effective prioritization…

Read More

Cisco Vulnerability Management Named a Leader in Omdia Universe: RBVM Solutions, 2023

Posted on by Admin
Cisco Vulnerability Management Named a Leader in Omdia Universe: RBVM Solutions, 2023

Omdia released its 2023 Omdia Universe: Risk-Based Vulnerability Management Solutions report, and we’re excited to say that Cisco Vulnerability Management (formerly Kenna.VM) is recognized as a Leader! Risk-based Vulnerability Management (RBVM) builds upon the legacy vulnerability management market with stronger vulnerability prioritization and response. RBVM tackles the problem of determining which vulnerabilities pose a real risk in your environment and need to be patched versus which vulnerabilities you can safely de-prioritize. Improving the efficiency and…

Read More
1 2 3 4