8 matches found
ConGISATA: A Framework for Continuous Gamified Information Security Awareness Training and Assessment
The incidence of cybersecurity attacks utilizing social engineering techniques has increased. Such attacks exploit the fact that in every secure system, there is at least one individual with the means to access sensitive information. Since it is easier to deceive a person than it is to bypass the...
Bringing Continuous Assessment to Harbor: Scan on Push, Stay Secure Over Time
Key Takeaways Harbor environments often run separate scanners, such as Trivy at build time and Qualys at runtime, leading to repeated full-image rescans across hundreds of thousands of images and increasing compute usage, scan time, and operational costs. Integrating QScanner with Harbor eliminat...
The Face of Penetration Testing is Changing: Announcing Metasploit Pro 5.0.0
The role and demand for red-teaming capabilities are growing, as more exploitable CVEs make their way into criminal hands. Being proactive is no longer a capability that can be reserved for annual tests, but a continuous assessment to determine exposure and even through the validation of an...
7 Steps to Improve Cyber Exposure Visibility
Attackers don’t look for the strongest part of your defense; they look for the one you forgot about. An unmanaged server, a misconfigured cloud service, or an employee’s unsecured home device can become their front door. Poor cyber exposure visibility creates these hidden entry points. The best w...
Cyber Story Time: The Boy Who Cried "Secure!"
As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation ASV tools?" We've covered that pretty extensively in the past, so today, instead of covering the "What is ASV?" I wanted to address the "Why ASV?"...
Managing Risk Across Hybrid Environments with Executive Risk View
Over the last decade or so, organizations of all shapes and sizes across all industries have been going through a seismic shift in the way they engage with their customers and deliver their solutions to the market. These new delivery models are often underpinned by cloud services, which can chang...
Continuous Security and Compliance Monitoring for Global IT Assets
In today’s information security world, all assets everywhere must be detected, visible, protected and compliant -- all the time. It’s no longer enough to rely on “point in time” security and compliance assessments, such as scheduled weekly or monthly scans on handpicked critical servers. “You mus...
Qualys new look and new products
As you all know, it's Black Hat 2017 time. This year Qualys seems to be the main newsmaker among Vulnerability Management vendors. Qualys Team renewed logo and website, updated marketing strategy, presented two new products: CloudView and CertView. I decided to take a look. Talking about design, ...