110 matches found
6 ways cybersecurity teams can save time and money
The phrase “time is money”, originally attributed to Benjamin Franklin, reprimands the slothful for wasting their working hours. As one of the founding fathers of the United States, Benjamin Franklin clearly never worked a day in cybersecurity. This is an area where fresh blood is hard to find to...
IBM Security Verify Access Buffer Overflow Vulnerability
IBM Security Verify Access is a service that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies by using risk-based access, single sign-on, integrated access management controls, identity federation and mobile...
A Post-Data Privacy World and Data-Rights Management
The reality is that today, almost everyone is being tracked and monitored 24/7 with cameras recording our expressions, interactions and speech to determine what we might be thinking, where we are going and who we are meeting. While privacy differs from nation to nation and culture to culture, one...
VoIPmonitor 27.5 Missing Memory Protections
VoIPmonitor static builds are compiled without any standard memory corruption protection - Fixed versions: N/A - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-04-voipmonitor-staticbuild-memory-corruption-protection - VoIPmonitor Security Advisory: none ...
Dive Deep into VMDR
Qualys devoted the second day of the Qualys Security Conference entirely to vulnerability management, detection and response VMDR, a critical area for the security and compliance of hybrid cloud IT environments. Mehul Revankar, VP of Product Management and Engineering for VMDR at Qualys, set the...
Building an Open Cloud Platform
Qualys Chairman and CEO Philippe Courtot kicked off Qualys Security Conference with an assessment of current security challenges and a clear call to action on how to successfully overcome them. “Today security is front and center, and as we move to the cloud, we must rethink security,” Courtot sa...
Forcepoint and Microsoft: Risk-based access control for the remote workforce
This blog post is part of the Microsoft Intelligence Security Association MISA guest blog series. Learn more about MISA here. Adopting cloud-based services as part of an organization’s digital transformation strategy is no longer optional, its a necessity. Last year, only 18 percent of the...
Forcepoint and Microsoft: Risk-based access control for the remote workforce
This blog post is part of the Microsoft Intelligence Security Association MISA guest blog series. Learn more about MISA here. Adopting cloud-based services as part of an organization’s digital transformation strategy is no longer optional, its a necessity. Last year, only 18 percent of the...
Dive Deep into VMDR
Qualys devoted the second day of the QSC USA 2020 virtual conference entirely to vulnerability management, detection and response VMDR, a critical area for the security and compliance of hybrid cloud IT environments. Mehul Revankar, VP of Product Management and Engineering for VMDR at Qualys, set...
Building an Open Cloud Platform
Qualys Chairman and CEO Philippe Courtot kicked off QSC USA 2020, the company’s 20th annual user conference, with an assessment of current security challenges, and a clear call to action on how to successfully overcome them. “Today security is front and center, and as we move to the cloud, we mus...
On Risk-Based Authentication
Interesting usability study: "More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication": Abstract: Risk-based Authentication RBA is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during...
Rethinking Defensive Strategy at the Edge, Part 1: A Changing Landscape for Securing Users
In recent years, new enterprise remote access architectures and frameworks have been introduced, such as Zero Trust Access ZTA. Those concepts have driven changes in the way the network perimeter has been defined -- specifically, from the outside in, not the inside out. Access to applications and...
US Space Cybersecurity Directive
The Trump Administration just published "Space Policy Directive - 5": "Cybersecurity Principles for Space Systems." Its pretty general: Principles. a Space systems and their supporting infrastructure, including software, should be developed and operated using risk-based, cybersecurity-informed...
Qualys Response to Rapid7’s False Claims on VMDR
As remote working is becoming the need of the hour, IT and Security teams are working tirelessly to ensure continuity of services and deliver on all aspects of the business. To help our customers in these challenging times, we launched a 60-day no-cost ‘Remote Endpoint Protection’ service for...
Microsoft and Zscaler help organizations implement the Zero Trust model
While digital transformation is critical to business innovation, delivering security to cloud-first, mobile-first architectures requires rethinking traditional network security solutions. Some businesses have been successful in doing so, while others still remain at risk of very costly breaches...
Adopting a Risk-Based Approach to Cybersecurity in the Financial Services Industry
Today’s financial organizations face many different risks in volatile and uncertain business environments, but the ever-present threat of cyberattacks and data breaches is now impossible to ignore. For this reason, managing these cyber-risks now has to simply be considered one of the many costs o...
Critical Bugs Open Food-Safety Systems to Remote Attacks
Two critical vulnerabilities in a food-quality management software package would allow adversaries to completely compromise the system. The issues affect the AK-EM 800 product from SCADA vendor Danfoss. It’s an enterprise management solution for the food retail industry that provides a central...
Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time
I'm excited to announce that Microsoft’s Threat & Vulnerability Management solution is generally available as of June 30! We have been working closely with customers for more than a year to incorporate their real needs and feedback to better address vulnerability management. Our goal is to empowe...
RSA Conference 2019: NIST's Privacy Framework Starts to Take Shape
Data privacy has been thrust into the limelight with the passage of the General Data Protection Regulation in Europe last year and a string of high-profile consumer privacy snafus. The National Institute of Standards and Technology has plans to help companies address data privacy with the...
Browser Extensions: Are They Worth the Risk?
Popular file-sharing site Mega.nz is warning users that cybercriminals hacked its browser extension for Google Chrome so that usernames and passwords submitted through the browser were copied and forwarded to a rogue server in Ukraine. This attack serves as a fresh reminder that legitimate browse...