API Security Operations: How to Move from Visibility to Measurable Risk Reduction

A five-level operating model for turning API security visibility into measurable risk reduction, faster remediation, and confident digital growth — without slowing development. What is API security operationalization? API security operationalization is the process of converting API discovery and...

Cybersecurity Metrics Every CISO Should Report to the Board

Cybersecurity Metrics Every CISO Should Report to the Board After twenty years of leading security teams and presenting to boards at companies like Tripwire and RiskIQ, I can tell you this: the metrics that matter to your SOC team are not the metrics that matter in the boardroom. Boards do not wa...

What is CTEM? Your Guide to Reducing Cyber Risk

Trying to explain security priorities to your board using CVSS scores is a tough sell. A long list of technical flaws doesn't translate to business impact, making it difficult to justify budgets and get buy-in for critical initiatives. Security leaders need a better way to frame the conversation...

EUVD-2018-7344

Malware in sbrugna...

How Leading CISOs are Getting Budget Approval

It's budget season. Once again, security is being questioned, scrutinized, or deprioritized. If you're a CISO or security leader, you've likely found yourself explaining why your program matters, why a given tool or headcount is essential, and how the next breach is one blind spot away. But these...

How SOCs Improve Key Cybersecurity KPIs with Better Threat Analysis

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

Cybersecurity at a Crossroads: New Implications on Business Risk

During our 2023 Qualys Security Conference QSC taking place in Orlando, Florida, November 6-9, 2023, I unveiled an exciting new milestone for the company – the release of our new Qualys Enterprise TruRisk Platform, marking a seismic shift for the future of Qualys as a leader in managing and...

Understanding metrics to measure SOC effectiveness

The security operations center SOC plays a critical role in protecting an organizations assets and reputation by identifying, analyzing, and responding to cyberthreats in a timely and effective manner. Additionally, SOCs also help to improve overall security posture by providing add-on services...

The Ultimate 2019 Security Team Assessment Template

Assessing the performance of your security team is critical to both knowing your current posture, as well as planning ahead. 'The Ultimate 2019 Security Team Assessment Template' is the first attempt to capture all the main KPIs of the security team main pillars, saving CIOs and CISOs the time an...

CVE-2018-15466

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function PCRF of Cisco Policy Suite CPS could allow an unauthenticated, remote attacker to access the Graphite web interface. The attacker would need to have access to the internal VLAN where CPS is deployed. The...

Design/Logic Flaw

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function PCRF of Cisco Policy Suite CPS could allow an unauthenticated, remote attacker to access the Graphite web interface. The attacker would need to have access to the internal VLAN where CPS is deployed. The...

CVE-2018-15466 Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function PCRF of Cisco Policy Suite CPS could allow an unauthenticated, remote attacker to access the Graphite web interface. The attacker would need to have access to the internal VLAN where CPS is deployed. The...

Cisco Policy Suite Access Control Error Vulnerability

Cisco Policy Suite CPS is the United States Cisco Cisco company's set of next-generation policy management solutions. The program provides user-based business rules, applications and real-time management of network resources and other functions. policy and Charging Rules Function PCRF is one of t...

Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function PCRF of Cisco Policy Suite CPS could allow an unauthenticated, remote attacker to access the Graphite web interface. The attacker would need to have access to the internal VLAN where CPS is deployed. The...

Managing the Risk of IT-OT Convergence

A few years ago, it wasn’t easy getting executives on board with the concept of operational technology OT security. Having finally come around to acknowledging the need for information technology IT security, boards and C-suite executives at industrial enterprises were then faced with the...