Prioritize Remediation with a Risk-Based Approach to Vulnerability Management

A vulnerability is a flaw or weakness in a system that, if exploited, would allow a user to gain unauthorized access to conduct an attack. Vulnerability management is the process of identifying, prioritizing, and remediating these vulnerabilities to reduce an organization’s overall risk. Prioritization of vulnerabilities is essential because not all vulnerabilities are going to…

Read More

Detecting Common Types of Cybersecurity Vulnerabilities with Vulnerability Assessments

A vulnerability is a flaw or weakness in a system that, if exploited, would allow a user to gain unauthorized access to conduct an attack. Vulnerabilities can exist within applications, operating systems, software, hardware, or anywhere else in your network. They can  result from a misconfiguration in a security setting, an organizational policy that falls…

Read More

5 Vulnerability Management Best Practices

Vulnerability management is the process of identifying, prioritizing, remediating, and reporting on vulnerabilities to proactively reduce your cyber risk. As organizations transition to the cloud, and the number of open-source libraries increases, vulnerability management gets more and more difficult. In 2021, there were more than 20,000 CVEs (common vulnerabilities and exposures) reported, a 212% increase…

Read More

4 Stages of the Vulnerability Management Process

A vulnerability is a flaw or weakness in a system that, if exploited, would allow a user to gain unauthorized access to conduct an attack. Vulnerability management is the process of identifying, prioritizing, remediating, and reporting on vulnerabilities to proactively reduce your cyber risk. Because new vulnerabilities are constantly being introduced, vulnerability management is not…

Read More

Federal Joint Advisory Warns of Chinese Threat Actors Targeting Telecommunications and Network Service Providers

Context On the evening of June 7, 2022, the United States National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) released a joint advisory detailing the tactics, techniques, and procedures (TTPs) used by unspecified Chinese state-backed threat actors to target unspecified telecommunication and network service organizations…

Read More