How SSL Misconfigurations Impact Your Attack Surface

When assessing an organization's external attack surface, encryption-related issues especially SSL misconfigurations receive special attention. Why? Their widespread use, configuration complexity, and visibility to attackers as well as users make them more likely to be exploited. This highlights...

Rapid7 Introduces Vector Command, a New Managed Service for Continuous Red Teaming

Rapid7 is delighted to announce the launch of Vector Command, a continuous red teaming managed service designed to assess your external attack surface and identify gaps in the security defenses on an ongoing basis. Following the launch of Surface Command and Exposure Command in August, Vector...

How to Augment Your Password Security with EASM

Simply relying on traditional password security measures is no longer sufficient. When it comes to protecting your organization from credential-based attacks, it is essential to lock down the basics first. Securing your Active Directory should be a priority – it is like making sure a house has a...

A Scenario: Protecting a Financial Institution from External Threats With EASM

Background Carman Bank, a mid-sized financial institution, has experienced rapid growth over the past five years. As part of its expansion, the bank has significantly increased its digital presence by launching new online banking services, mobile applications, and integrating various third-party...

Introducing CyberSecurity Asset Management 3.0 with Expanded Discovery and Cyber Risk Assessment

Qualys is re-defining attack surface management with CyberSecurity Asset Management CSAM 3.0, expanding the most comprehensive attack surface coverage on the market to include patent-pending EASM discovery and scan, passive sensing for unmanaged/untrusted devices built in to the Qualys agent, and...

Qualys WAS Unveils New Features in an Upgraded User Interface

Qualys Web Application Scanning WAS has been at the forefront of web application and API security innovation, and today, were excited to announce a significant leap - the launch of our New User Interface UI. From improved performance and reliability to cutting-edge technology adoption and enhance...

How Attack Surface Management Supports Continuous Threat Exposure Management

According to Forrester, External Attack Surface Management EASM emerged as a market category in 2021 and gained popularity in 2022. In a different report, Gartner concluded that vulnerability management vendors are expanding their offerings to include Attack Surface Management ASM for a suite of...

Risk-based Vulnerability Management Combined With A Cyber Risk Management Platform

Recent insights from IDCs recent report, Worldwide Device Vulnerability Management Forecast, 2023–2027: Evolving Beyond Scanning Feb. 2023, provide a sobering look at the future of what cybersecurity stacks may look like in a few years. As the name suggests, this report took a deep dive into the...

A New Security Paradigm: External Attack Surface Management

Ran Nahmias, Co-founder and CBO, Cyberpion In the past, a web application or online service could be taken at face value by your customers and employees. It was created, developed, and secured by your organization, and every element of the IT infrastructure that supported that service was under...

CVE-2002-0712

CVE-2002-0712 (Entrust EASM 6.0) : The vulnerability exists in Entrust Authority Security Manager where the multiple-authorization requirement for sensitive master-user functions is not enforced for changing another master user’s password, enabling a single master user to impersonate another and ...