Vulnerability Risk Assessment
- June 05, 2015
A new study claims social media may be a useful indicator of vulnerability risk and lead to more accurate CVSS scores and prioritization.
- May 21, 2015
A new study shows enterprises with security analytics are confident in their threat detection capabilities, while those without are overwhelmed by copious false positives and alerts.
- April 28, 2015
An open source threat model is aiming to be a repository for risk assessment with the aim of allowing enterprise to focus on creating the right security controls for each business.
- April 13, 2015
Experts have split opinions regarding the correct methodology for counting vulnerabilities, but all agree that focusing on numbers can mask real cybersecurity risks.
- March 27, 2015
News roundup: The ban of "booth babes" at RSA Conference 2015 has been met with praise; does it equal an increase of women in infosec? Plus: Cyberthreat data-sharing bill advances; Flash flaw exploited days after patching; new twist on Google Play ...
- July 17, 2014
New Ponemon Institute data shows enterprise executives rarely if ever talk with their security teams, and that threat modeling may be underused.
- September 03, 2013
Analysts expect security concerns to drive global risk management, but executives may need convincing.
- July 19, 2013
A study by Bit9 explains just how bad the Java problem really is: The most popular version has 96 severe vulnerabilities.
- March 04, 2013
At RSA 2013, experts Ed Skoudis and Johannes Ullrich explained how the SANS CyberCity supports offensive forensics and helps prevent kinetic attacks.
- November 14, 2012
Red teaming assesses the security of an organization and can be a more effective way to assess the organization's security posture.
- November 12, 2012
Study from vulnerability management firm Positive Technologies Security contends that 39% of systems in the U.S. and Europe are vulnerable to attack.
- October 17, 2012
Zero-day exploits are typically used in targeted attacks, but public disclosure of unpatched flaws significantly increases the use of the exploits.
- October 11, 2012
The Black Hole attack toolkit is fueling many of the exploits targeting the vulnerabilities, according to Microsoft.
- October 10, 2012
Mobile risk management vendor Mobilisafe assesses employee smartphones and tablets for platform vulnerabilities.
- October 02, 2012
Windows security has improved, but longstanding Unix and network vulnerabilities remain an easy target for determined attackers.