vulnerability management

The Need for a Strong CVE Program

Posted on April 16, 2025April 16, 2025 by Admin

The Common Vulnerabilities and Exposures (CVE) program has long served as the foundation for standardized vulnerability disclosure and management, enabling effective communication and remediation strategies across the industry. As the cybersecurity community grapples with a potential lapse in the stewardship of the CVE program, organizations worldwide could face challenges in maintaining consistent vulnerability identification and tracking, especially in open-source software. Cisco’s Commitment to Transparent Vulnerability Disclosure Cisco is committed to transparency and vulnerability disclosure practices…

RSA 2025 Product Preview

Posted on April 8, 2025April 8, 2025 by Admin

RSA 2025 takes place from April 28 through May 1 in San Francisco, California, bringing together cybersecurity leaders from all over the country. Security magazine highlights a few products from this year’s RSA exhibitors. 1Password Automatically Generates Passwords 1Password’s built-in password generator creates secure passwords for all online accounts. Users can go passwordless by saving and signing in to compatible websites and apps with passkeys. Save and autofill passwords, two-factor authentication codes, financial addresses, and more in…

Enhance security posture: 4 key approaches to manage vulnerabilities

Posted on March 13, 2025March 13, 2025 by Admin

Cloud native application development is surging across businesses, along with the adoption of public cloud infrastructure and services. This progress has led to a growing set of challenges for security: as organizations expand their use of cloud native technologies, the complexity of these environments continues to grow, significantly increasing the attack surface. This added risk has not stopped the adoption but is making scaling and maintenance increasingly difficult, especially as teams have been moving more…

Automation alone isn’t enough to patch vulnerabilities — Here’s why

Posted on February 26, 2025February 26, 2025 by Admin

While the future is hard to predict, we can count on two things about the cybersecurity landscape in 2025. First: cyberattacks are growing in volume as bad actors continue to diversify their methodologies. Second: the cost of exploits is increasing. Impacts of cyberattacks are expanding beyond financial losses, impacting the daily operations of critical services including healthcare and travel. Organizations need to consider how they approach patching as vulnerabilities increase in volume and complexity and…

Open source software vulnerabilities found in 86% of codebases

Posted on February 25, 2025February 25, 2025 by Admin

Black Duck has released its annual Open Source Security and Risk Analysis (OSSRA) report, analyzing 1,658 examinations of 965 commercial codebases within 16 industries. According to the findings, 86% of codebases had open source software vulnerabilities while 81% had high- or critical-risk vulnerabilities. Furthermore, the average application in 2024 had triple the amount of open source files than the average application in 2020, with 5,300 in 2020 and more than 16,000 in 2024. Below, Mike…

Cybersecurity risks organizations need to address this year

Posted on February 24, 2025February 24, 2025 by Admin

As organizations navigate a new year, they face a fundamental truth: traditional perimeter-based security has failed. The modern enterprise isn’t defined by its devices and users but by its digital assets — the crown jewels that power operations and drive value. Yet most security approaches remain stuck in an outdated paradigm, focusing on protecting devices and user accounts while overlooking the dynamic web of service accounts, APIs and machine identities that actually access and manage…

Vulnerability management simplified: The core essentials

Posted on January 30, 2025January 30, 2025 by Admin

In light of today’s evolving threat landscape and high-profile cybersecurity breaches, organizations are facing growing pressure to strengthen their security foundations. These incidents highlight the urgent need for proactive strategies to address vulnerabilities in applications, infrastructure and data. CISOs and security teams can take action now to prepare for potential threats, focusing on a few essential priorities. Strengthening foundational security measures to reduce exposure and improve resilience It all starts with assets. What are you…

The path to reducing software vulnerabilities leads to AI

Posted on July 31, 2024July 31, 2024 by Admin

Tool proliferation has created a data volume challenge that is making it harder than ever to understand the security risks that really matter, which in turn makes it harder to secure the software development and deployment lifecycle. As threats continue to mount, this challenge will only get worse unless there is a better way of separating relevant risks from the background noise. Fortunately, AI now offers a solution Data, data, and more data Cybersecurity threats…

New honeypot techniques for addressing targeted attacks

Posted on July 22, 2024July 22, 2024 by Admin

Automated at-scale attack campaigns now represent the vast majority of online threats, and are starting to blend together with targeted attacks. As the number of these attacks increases, so does the cyber risk for organizations. Unfortunately, the most common approaches to defense — including vulnerability management, phishing awareness, signature-based network and endpoint detection — are neither effective nor efficient in addressing these kinds of attacks because traditional third-party threat intelligence cannot provide adequate targeted…

Understanding the impact of the NIST NVD backlog on MSPs

Posted on July 16, 2024July 16, 2024 by Admin

Since February 2024, the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD) has encountered delays in processing vulnerabilities. This backlog, caused by factors such as software proliferation, budget cuts and changes in support, has significant implications for managed service providers (MSPs). Budget cuts and increased vulnerabilities NIST, an agency within the United States Commerce Department, saw its budget cut by nearly 12% this year. For over 20 years, the NVD has been…

1 2 3 … 5 »

vulnerability management

The Need for a Strong CVE Program

RSA 2025 Product Preview

Enhance security posture: 4 key approaches to manage vulnerabilities

Automation alone isn’t enough to patch vulnerabilities — Here’s why

Open source software vulnerabilities found in 86% of codebases

Cybersecurity risks organizations need to address this year

Vulnerability management simplified: The core essentials

The path to reducing software vulnerabilities leads to AI

New honeypot techniques for addressing targeted attacks

Understanding the impact of the NIST NVD backlog on MSPs

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)