Collaborate Disseminate
Your CSIRT protects your organizational network, but who secures your products? It may be time you started a PSIRT at your company.
The post Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough appeared first on Security Intelligence.
Continue reading Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough
X-Force observed attackers using known Drupal vulnerabilities, including Drupalgeddon, to target websites and the underlying infrastructure that hosts them, leveraging Shellbot to open backdoors.
The post Threat Actors Prey on Drupalgeddon Vulnerability to Mass-Compromise Websites and Underlying Servers appeared first on Security Intelligence.
In today’s rapidly evolving security environment, it’s imperative for organizations to establish a formal data risk management program that does more than just check the boxes.
The post The Wild West of Data Risk Management in the Age of Cloud, Mobile and Digital Transformation appeared first on Security Intelligence.
To secure products that use open source components, organizations must first take stock of how much of this code they are using in their products.
The post Maximize the Power of Your Open Source Application Security Testing appeared first on Security Intelligence.
Continue reading Maximize the Power of Your Open Source Application Security Testing
Garner’s new report recommends factoring severity, asset value and active exploits into your vulnerability management process.
The post New Gartner Report Recommends a Vulnerability Management Process Based on Weaponization and Asset Value appeared first on Security Intelligence.
Offensive security activities like cyberattack simulations, penetration testing and vulnerability assessments can help companies identify and remediate flaws before cybercriminals can exploit them.
The post Why the Best Defense Is a Good Offensive Security Strategy appeared first on Security Intelligence.
Continue reading Why the Best Defense Is a Good Offensive Security Strategy
Sometimes, security professionals don’t know how to approach a vulnerability assessment, especially when it comes to dealing with results from its automated report. Here’s how to get started.
The post A Step-By-Step Guide to Vulnerability Assessment appeared first on Security Intelligence.
Continue reading A Step-By-Step Guide to Vulnerability Assessment
As the cybercrime landscape expands, SOC teams need endpoint security tools that can reduce the time it takes to gain actionable threat intelligence.
The post Proactive or Reactive Endpoint Security? A Critical Crossroads for SOC Analysts appeared first on Security Intelligence.
Continue reading Proactive or Reactive Endpoint Security? A Critical Crossroads for SOC Analysts
Over 27% of all websites globally run WordPress. This makes WordPress a very highly targeted piece of software. There are numbers of different aspects to consider when attempting to discover vulnerabilities in WordPress. In this episode of Tradecraft S… Continue reading WordPress Vulnerability Discovery and Exploitation – Tradecraft Security Weekly #6
Organizations often struggle with defining the scope of their security testing, but this is a necessary step that impacts business goals.
The post Determining the Scope of Your Security Testing appeared first on Security Intelligence.
Continue reading Determining the Scope of Your Security Testing