Vulnerability Remediation: The Complete Guide to Fixing Security Weaknesses

Your scanners find thousands of vulnerabilities every cycle. Your team triages, assigns, and patches what they can. But weeks later, the same critical CVEs still sit open, SLAs blow past their deadlines, and the backlog keeps growing. The problem is rarely a lack of detection. It is a broken...

Widespread IT Outage Due to CrowdStrike Update

Note: CISA will update this Alert with more information as it becomes available. Update 4:30 p.m., EDT, August 6, 2024: CrowdStrike has published its Root Cause Analysis RCA reportlink is external. According to CrowdStrike, “the full report elaborates on the information previously shared in our...

Staying Five Steps Ahead of Cyber Risk

Organizations are continuously seeking effective strategies to protect their digital environments. With over 26,000 vulnerabilities discovered last year, Qualys Vulnerability Management, Detection, and Response VMDR offers a comprehensive solution designed to meet the needs of both security and I...

brasseler.marcant.net Cross Site Scripting vulnerability OBB-3876483

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

livingfromthisdayforward.com Improper Access Control vulnerability OBB-3803884

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Simplifying Cloud Asset Identification in a Multi-Cloud Environment

Enterprises struggle to get an accurate asset inventory in multi-cloud or hybrid cloud environments. Qualys enhances the metadata for cloud assets while simplifying the collection process. This blog explains how this functionality expedites the identification process, easily identifies vulnerable...

Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2

This is the sixth blog in the Lessons learned from the Microsoft SOC series designed to share our approach and experience from the front lines of our security operations center SOC protecting Microsoft and our Detection and Response Team DART helping our customers with their incidents. For a visu...

Vulnerability Management vendors and Vulnerability Remediation problems

It's not a secret, that Vulnerability Management vendors don't pay much attention to the actual process of fixing vulnerabilities, that they detect in the infrastructure Vulnerability Remediation. Although it seems to be the main goal of VM products: to make vulnerabilities fixed and whole IT...

Contain Attacks in Real Time with Live Response in Cb Defense

Endpoint security is broken. Yes, you’ve heard it before - traditional, signature-based antivirus AV can’t keep up with the volume of new malware and advanced attack methods being developed by cyber criminals every day. And that’s absolutely true. But a report published last year highlights an ev...