Vulnerability Risk Assessment

MUST READ Can threat modeling help enterprises? EXPERT ANSWER - Is threat modeling a useful defense mechanism? Is it really possible to think like an attacker? Five ways to simplify the vulnerability management lifecycle TIP - Learn how to quickly and accurately quantify your exposure, communicate that exposure and deploy resources to remediate.

VIDEO: 1 - 3 of 4

	Vulnerability mitigation study shows need for faster patching SearchSecurity.com | 10 Aug 2009 VIDEO - Qualys CTO Wolfgang Kandek says vendors and administrators need to find ways to speed up the patching cycle.

	Newest malware threats SearchSecurity.com | 15 Jul 2009 VIDEO - What are the newest threats to enterprise networks, and how can you subvert these emerging security threats? Greg Hoglund, CEO of HBGary and creator of the first rootkit, answers these questions.

	PCI compliance requirement 6: Systems and applications SearchSecurity.com | 01 Jun 2009 VIDEO - Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 6: "Develop and maintain secure systems and applications."

	VIEW ALL VIDEO ON VULNERABILITY RISK ASSESSMENT

NEWS: 1 - 3 of 58

	Patch management study shows IT taking significant risks SearchSecurity.com | 08.13.2009 OPINION - IT pros need to take patch management processes seriously and more dilligently understand the plethora of applications being used by end users.

	Trusteer CEO criticizes Adobe, touts better patch deployments SearchSecurity.com | 13 Aug 2009 ARTICLE - Despite critical Flash and Adobe Reader updates July 30, only a fraction of Adobe users have installed them, Trusteer says. Trusteer's CEO urges better patching mechanisms.

	Microsoft to issue security report card, new tool at Black Hat SearchSecurity.com | 27 Jul 2009 ARTICLE - In addition to updating the public on its new security programs, the software giant is issuing a guide outlining its patching process and how to assess vulnerability data.

	VIEW ALL NEWS ON VULNERABILITY RISK ASSESSMENT

EXPERT TECHNICAL ADVICE: 1 - 3 of 47

VULNERABILITY RISK ASSESSMENT EXPERTS
			Michael Cobb, featured expert Founder and Managing Director, Cobweb Applications Ltd. ASK A QUESTION

	Screencast: How to launch an OpenVAS scan 27 Oct 2009 TIP - In this screencast, Peter Giannoulis demonstrates the OpenVAS Linux/Unix-based assessment and penetration testing tool.

	Are Web application penetration tests still important? 05 Jun 2009 EXPERT ANSWER - Web application penetration tests continue to be an important part of the secure software development lifecycle process in order to reduce the number and severity of security-related design and coding errors.

	How to detect input validation errors and vulnerabilities 02 Apr 2009 EXPERT ANSWER - Expert John Strand reviews how to spot input validation flaws on your websites.

	VIEW ALL EXPERT TECHNICAL ADVICE ON VULNERABILITY RISK ASSESSMENT

REFERENCE & LEARNING: 1 - 3 of 10

	Information security book excerpts and reviews SearchSecurity.com | 19 Feb 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	CISSP Essentials training: Domain 10, Operations Security SearchSecurity.com | 12 Sep 2008 SECURITY SCHOOL - Prepare for the final segment of the CISSP exam by learning about operations security.

	Spotlight article: Domain 10, Operations Security SearchSecurity.com | 12 Sep 2008 SECURITY SCHOOL - Get a detailed introduction to CISSP exam Domain 10, Operations Security.

	VIEW ALL REFERENCE & LEARNING ON VULNERABILITY RISK ASSESSMENT

MAGAZINE CONTENT (free subscription required): 1 - 3 of 18

	The Pipe Dream of No More Free Bugs Information Security Magazine | 07 May 2009 COLUMNS - Security researchers have declared they want vendors to compensate them for their independent search for vulnerabilities.

	Security services: Fiberlink's MaaS360 Mobility Platform Information Security Magazine | 28 Nov 2008 HOT PICK & PRODUCT REVIEWS - The MaaS360 Mobility Platform service handles remote device updates, such as OS patches.

	Product Review: Shavlik's NetChk Compliance Information Security Magazine | 28 Nov 2008 HOT PICK & PRODUCT REVIEWS - Shavlik's NetChk Compliance automates compliance and provides control by actively managing system and security settings and allows the IT manager to identify and mitigate risks.

	VIEW ALL MAGAZINE CONTENT ON VULNERABILITY RISK ASSESSMENT

WEBCASTS: 1 - 2 of 2

	Comprehensive threat management: Helping you navigate the data security quagmire - Vendor Webcast VIEW WEBCAST PREMIERED:   27 APR 2006, 14:00 EDT (18:00, GMT) SUMMARY:   Outside attacks continue to threaten your network and drain valuable company resources. This webcast examines how you can protect your network from cyber attacks with an approach that anticipates known and unknown threats.

Solving the Internal Threat - Vendor Webcast VIEW WEBCAST PREMIERED:   17 NOV 2005, 14:00 EST (19:00, GMT) SUMMARY:   Established information security vendors avoid claims of protecting companies from the internal or insider security threat. In today's high-tech world, organizations need a new approach to internal IT security which enables them to detect when their IT infrastructure, enterprise data, corporate policy and government regulations have been compromised. Discover new security solutions in this webcast.

	VIEW ALL WEBCASTS ON VULNERABILITY RISK ASSESSMENT

WHITE PAPERS

Buyer's Guide to Vulnerability Management Published by: eEye Digital Security | 09 Nov 2009 WHITE PAPER - Vulnerability management (VM) isn't just one single, monolithic concept but rather a number of sub-concepts that all work together to make up a VM strategy. Check out this buyer's guide to VM to learn about getting started with your VM strategy. Also included is a full product listing of vulnerability management solutions.

	Try Rational AppScan Published by: IBM | 03 Nov 2009 ASSESSMENT TOOL - Download Rational® AppScan® Standard Edition V7.9, previously known as Watchfire AppScan, a leading Web application security testing tool that automates vulnerability assessments and scans and tests for all common Web application vulnerabilities including SQL-injection, cross-site scripting, and buffer overflow.

	Vulnerability Management: What my CIO Needs to Know Published by: eEye Digital Security | 03 Nov 2009 WHITE PAPER - Implementing a vulnerability management process is critical to protecting any business from harmful attacks. This whitepaper examines the importance of vulnerability assessment and the common myths surrounding security protection.

	VIEW ALL WHITE PAPERS IN THIS TOPIC

DEFINITIONS: 1 - 1 of 1

	gray hat 01 Jun 2001 WORD - Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners. Unlike a black hat, a gray hat acts ...

	VIEW ALL DEFINITIONS ON VULNERABILITY RISK ASSESSMENT

	SEE ALSO - Topics Related to Vulnerability Risk Assessment:  Configuration Management Planning, Security Testing and Ethical Hacking, Security Patch Management