Risk Management

Control Web Panel - Fingerprinting Open-Source Software using a Consolidation Algorithm approach

Apr 11, 2024 By Fábio Freitas In BitSight

At Bitsight, part of the core work of the Vulnerability Research team is to analyze new high-profile vulnerabilities and ensure we come up with ways to detect, at an internet-wide scale, who is affected by these. Sometimes - more often than not - the direct exploitation of these vulnerabilities is significantly intrusive, and thus we can not load a direct port of the publicly available Proofs-of-Concept onto our internet scanning infrastructure.

Read Post

BitSight

Read more about Control Web Panel - Fingerprinting Open-Source Software using a Consolidation Algorithm approach

Cyber Risk Quantification (CRQ) Models: How to Choose the Right One

Apr 11, 2024 By Kovrr In Kovrr

‍ “All models are wrong, but some are useful.” ‍ In the earliest days of cyber risk management, chief information security officers (CISOs) generally relied on matrices and other subjective risk assessments for strategic planning.

Read Post

Kovrr

Read more about Cyber Risk Quantification (CRQ) Models: How to Choose the Right One

DSPM and DFPM - Friends or Foes

Apr 11, 2024 By Anirban Banerjee In Riscosity

In this article we’ll discuss DSPM and DFPM, their similarities and differences, and the value that each one brings.

Read Post

Riscosity

Read more about DSPM and DFPM - Friends or Foes

MAX Prevents CRITICAL Zero-Day Vulnerability

Apr 11, 2024 By SecurityScorecard In SecurityScorecard

Today we learn about SecurityScorecard's MAX and how it single-handedly prevented a MAJOR Zero-Day Vulnerability. With SecurityScorecard MAX, you no longer have to worry about your supply chain being at risk. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.

View Video

SecurityScorecard

Read more about MAX Prevents CRITICAL Zero-Day Vulnerability

The EU Cyber Resilience Act: Securing Digital Products

Apr 11, 2024 By Kyle Chin In UpGuard

The EU Cyber Resilience Act (CRA) is a major piece of cyber legislation passed in 2024 in the European Union (EU) that regulates cybersecurity for digital products and services. The EU Cyber Resilience Act directly complements the NIS2 Directive, which regulates risk management and incident reporting across the European market.

Read Post

UpGuard

Read more about The EU Cyber Resilience Act: Securing Digital Products

Cyberattack at Sisense Puts Critical Infrastructure on Alert

Apr 11, 2024 By SecurityScorecard In SecurityScorecard

The cybersecurity community woke up on Thursday to news of a cyberattack on Sisense, a major business analytics software company. It’s thought that the breach may have exposed hundreds of Sisense’s customers to a supply chain attack and provided the attacker with a door into the company’s customer networks.

Read Post

SecurityScorecard

Read more about Cyberattack at Sisense Puts Critical Infrastructure on Alert

Vulnerability Management Metrics

Apr 11, 2024 By Nucleus

There are hundreds of statistics you could collect and monitor to use as guiding metrics, but that doesn't mean it's a good idea to do so. Learn the four most critical metrics to track in vulnerability management, and what they tell us about the health of your program.

Get EBook

Nucleus

Read more about Vulnerability Management Metrics

Fixing the Broken Vulnerability Management Process

Apr 11, 2024 By Nucleus

Many organizations are using outdated, highly inefficient, and time consuming VM processes that leave security personnel struggling to keep up. As the vulnerability landscape continues to evolve rapidly, the processes used to discover, track, and remediate them has failed to evolve with it.

Get White Paper

Nucleus

Read more about Fixing the Broken Vulnerability Management Process

Chapter One: The State of Vulnerability Management

Apr 11, 2024 By Nucleus

Vulnerability exploitation is involved in over half of breaches, making it a huge risk to organizations. And the problem only continues to balloon year over year... both in the speed at which attackers are capitalizing on exploited vulnerabilities, and in the way that technology and assets outgrow most organization's current vulnerability management programs. In this series, we're going to be breaking down how vulnerability management has grown and evolved over time, plus how to modernize your program using things like risk-based vulnerability management.

Get EBook