-
Creating a Vulnerability Management Program – Vulnerability Remediation: More Complex than You Might Imagine
In prior blogs, we’ve spelled out how an organization finds its vulnerabilities and how security teams consider threat intelligence to…
-
Creating a Vulnerability Management Program – Cybersecurity Risk: Why You Need Both Vulnerability and Threat Assessments
In this blog, we’ll add to our cybersecurity considerations the concept of threats and threat intelligence. So far, we’ve looked…
-
Creating a Vulnerability Management Program – Penetration Testing: Valuable and Complicated
Once you’ve started a vulnerability scanning system, you may want to take the next step in identifying vulnerabilities: penetration testing,…
-
Creating a Vulnerability Management Program – Vulnerability Scanners: How They Help Cybersecurity Readiness
Learn how to identify the right vulnerability scanner(s) for your organization’s needs. So far in this series, we have laid…
-
Creating a Vulnerability Management Program – Patching: Take the Panic out of Patching by Managing CVE Threat Overload
Imagine a company that started in early 2012 with a half dozen employees — all working in one office —…
-
Creating a Vulnerability Management Program – Discovering Your Vulnerabilities: The First Foray
We talked previously about the need to use people, processes, and technology wisely to support your vulnerability risk management. Each element…
-
China is Exploiting Vulnerabilities in Widely Used Home-Office Devices, U.S. Agencies Warn
A new advisory from top federal security and law enforcement agencies warns that state-sponsored cyber actors from the People’s Republic…
-
Understanding the Difference Between Vulnerabilities and Exposures
The cybersecurity world talks a lot about “common vulnerabilities and exposures” (CVEs) and compiles ongoing lists of them with a…
-
New Security Vulnerabilities: How Should You Respond?
Cybercrime has exploded in growth over the past several years to levels that are stunning to contemplate. To put it…
-
Risk-Based Vulnerability Management: Efficient + Effective
We described in the previous blog post the difference between vulnerability management and risk management. A quick reminder: vulnerabilities are…
-
Vulnerability Management vs. Risk Management: Defining the Fundamentals
Businesses run fast to keep pace in a market that is ever dynamic, with new entries threatening to oust established…
-
Creating a Vulnerability Management Program – The People, Process, and Technology
Continuing our How to Build a VM Program series, this third installment breaks the working components of a program into…
-
Creating a Vulnerability Management Program – What is Vulnerability Management and the VM Lifecycle Stages?
As we said in the introduction to this series, cybercriminals are becoming increasingly sophisticated in their assaults, and the methods…
-
Creating a Vulnerability Management Program – Why You Need a Vulnerability Management Program Starting Now
In the past, cybercriminals relied heavily on phishing to slip into an organization’s IT system to achieve their objectives. Recently,…
-
Implementing and Maintaining Security Program Metrics
Cybersecurity metrics are a pertinent part of measuring the successes and failures of your program and the effectiveness of your…
-
Why IAM Technology is Critical to Your Vulnerability Management Program
In previous blogs, we discussed Attack Surface Management (ASM) and explained how ASM is critical to your overall Vulnerability Management…
-
Attack Surface Management: Why Your Attack Surface is Critical to Your Vulnerability Management Program
In our last blog, we discussed what Attack Surface Management (ASM) is. Now we will explore the importance of how…
-
5 Reasons Why Attack Surface Management MUST Be Part of Your VA Program
Back in 2019, when I was a research analyst at Gartner, I started to see a monumental shift in how…