vulnerability management

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

ARMO, GitHub, Industry news, open source, scanning, vulnerability management /

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support 11/12/2023 at 11:02 By Help Net Security With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this functionality. This advancement offers security practitioners a powerful tool to effectively prioritize and address software vulnerabilities. What is […]

React to this headline:

Loading spinner

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support Read More »

Organizations rethink cybersecurity investments to meet NIS Directive requirements

cybersecurity, ENISA, EU, investment, News, report, skill development, survey, vulnerability management /

Organizations rethink cybersecurity investments to meet NIS Directive requirements 22/11/2023 at 07:07 By Help Net Security Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% of IT budget dedicated to cybersecurity by EU operators

React to this headline:

Loading spinner

Organizations rethink cybersecurity investments to meet NIS Directive requirements Read More »

Mainframes are around to stay, it’s time to protect them

Compliance, cybersecurity, data, DevOps, mainframe security, News, open source, report, Rocket Software, survey, vulnerability management /

Mainframes are around to stay, it’s time to protect them 01/11/2023 at 07:31 By Help Net Security While many organizations run their core business applications on the mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, signaling a need for more robust security practices, according to Rocket Software. For decades, mainframe

React to this headline:

Loading spinner

Mainframes are around to stay, it’s time to protect them Read More »

Vulnerability management metrics: How to measure success

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Intruder, opinion, threats, vulnerability management /

Vulnerability management metrics: How to measure success 31/10/2023 at 07:32 By Help Net Security Without the right metrics, vulnerability management is pretty pointless. If you’re not measuring, how do you know it’s working? So how do you know what to focus on? The list is potentially endless, and it can be hard to know what’s

React to this headline:

Loading spinner

Vulnerability management metrics: How to measure success Read More »

Scaling rapidly? Your application security strategies need to keep up

Application Security, Compliance, cybersecurity, ESG, Mend, News, remediation, report, strategy, survey, vulnerability management /

Scaling rapidly? Your application security strategies need to keep up 23/10/2023 at 07:01 By Help Net Security Modern application security strategies must support and enable modern software development, even as it rapidly scales, according to Mend.io. Just 52% of companies can effectively remediate critical vulnerabilities and only 41% are confident they can manage the security

React to this headline:

Loading spinner

Scaling rapidly? Your application security strategies need to keep up Read More »

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

1Password, Alpine, Chrome, containers, Debian, Don't miss, Firefox, Google, Hot stuff, LibreOffice, Linux, macOS, Microsoft Teams, News, Opera, patch, patching, Rezilion, runZero, Signal, Slack, SUSE, Telegram, Ubuntu, Vivaldi, vulnerability, vulnerability management /

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,

React to this headline:

Loading spinner

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »

Balancing budget and system security: Approaches to risk tolerance

Axonius, cyber risk, cybersecurity, data breach, data security, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, Risk Management, vulnerability management /

Balancing budget and system security: Approaches to risk tolerance 19/09/2023 at 08:16 By Help Net Security Data breaches are a dime a dozen. Although it’s easy to look at that statement negatively, the positive viewpoint is that, as a result, cybersecurity professionals have plenty of learning moments. Learning what went wrong and why can be

React to this headline:

Loading spinner

Balancing budget and system security: Approaches to risk tolerance Read More »

LibreOffice: Stability, security, and continued development

cyber resilience, Don't miss, EU, Features, Hot stuff, legislation, LibreOffice, News, open source, product development, vulnerability management /

LibreOffice: Stability, security, and continued development 07/09/2023 at 08:31 By Zeljka Zorz LibreOffice, the most widely used open-source office productivity suite, has plenty to recommend it: it’s feature-rich, user-friendly, well-documented, reliable, has an active community of developers working on improving it, and it’s free. The suite includes Writer (word processor), Calc (a spreadsheet app), Impress

React to this headline:

Loading spinner

LibreOffice: Stability, security, and continued development Read More »

Relying on CVSS alone is risky for vulnerability management

CVSS, News, report, Rezilion, survey, vulnerability management /

Relying on CVSS alone is risky for vulnerability management 31/07/2023 at 07:05 By Help Net Security A vulnerability management strategy that relies solely on CVSS for vulnerability prioritization is proving to be insufficient at best, according to Rezilion. In fact, relying solely on a CVSS severity score to assess the risk of individual vulnerabilities was

React to this headline:

Loading spinner

Relying on CVSS alone is risky for vulnerability management Read More »

A step-by-step guide for patching software vulnerabilities

CVSS, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, patching, Syxsense, vulnerability management /

A step-by-step guide for patching software vulnerabilities 27/07/2023 at 07:34 By Help Net Security Coalition’s recent Cyber Threat Index 2023 predicts the average Common Vulnerabilities and Exposures (CVEs) rate will rise by 13% over 2022 to more than 1,900 per month in 2023. As thousands of patches and updates are released each month, organizations struggle

React to this headline:

Loading spinner

A step-by-step guide for patching software vulnerabilities Read More »

Generative AI outperforms hackers but not their creativity

Artificial Intelligence, Bugcrowd, cybersecurity, generative AI, hacker, hacking, News, report, vulnerability, vulnerability management /

Generative AI outperforms hackers but not their creativity 14/07/2023 at 08:02 By Help Net Security 72% of hackers are confident that AI cannot replace human creativity in security research and vulnerability management, according to Bugcrowd. Generative AI hacking Generative AI was a major theme in the 2023 report, with 55% of respondents saying that it

React to this headline:

Loading spinner

Generative AI outperforms hackers but not their creativity Read More »

Inadequate tools leave AppSec fighting an uphill battle for cloud security

Application Security, Backslash Security, cloud security, cybersecurity, News, report, vulnerability management /

Inadequate tools leave AppSec fighting an uphill battle for cloud security 19/05/2023 at 06:32 By Help Net Security AppSec teams are stuck in a catch-up cycle, unable to keep up with the increasingly rapid, agile dev pace, and playing security defense via an endless and unproductive vulnerability chase, according to Backslash Security. Costly ‘defensive tax’

React to this headline:

Loading spinner

Inadequate tools leave AppSec fighting an uphill battle for cloud security Read More »

Scroll to Top