Vulnerability

MITRE releases 2020 CWE Top 25 most dangerous software weaknesses

Sep 17, 2020 By Taylor Armerding In Synopsys

Knowing what could hurt you can help you. That’s the point of the nonprofit MITRE’s 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors (CWE Top 25) list, released a few weeks ago.

Read Post

Synopsys

Read more about MITRE releases 2020 CWE Top 25 most dangerous software weaknesses

Detecting CVE-2020-14386 with Falco and mitigating potential container escapes

Sep 16, 2020 By Kaizhe Huang In Sysdig

On September 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables an unprivileged local process to gain root access to the system. CVE-2020-14386 is a result of a bug found in the packet socket facility in the Linux kernel. It allows a bad actor to trigger a memory corruption that can be exploited to hijack data and resources and in the most severe case, completely take over the system.

Read Post

Sysdig

Read more about Detecting CVE-2020-14386 with Falco and mitigating potential container escapes

The History of Common Vulnerabilities and Exposures (CVE)

Sep 16, 2020 By Ary Widdes In Tripwire

During the late 1990s, security professionals were using information assurance tools in concert with vulnerability scanners to detect and remove vulnerabilities from the systems for which they are responsible. There’s just one problem – each security vendor has its own database with little to no crossover.

Read Post

Tripwire

Read more about The History of Common Vulnerabilities and Exposures (CVE)

Critical Vulnerabilities in ICS Products Could Enable OT Execution Attacks

Sep 14, 2020 By Morgan Reed In NNT

Security researchers recently discovered six critical vulnerabilities in third-party code that could expose hundreds of thousands of OT environments to remote code execution attacks. These vulnerabilities were found in Wibu-Systems’ CodeMeter software, a license management platform that is used widely by some of today’s leading industrial control system (ICS) product vendors, include Rockwell Automation and Siemens.

Read Post

NNT

Read more about Critical Vulnerabilities in ICS Products Could Enable OT Execution Attacks

Identifying the Most Dangerous Common Software and Hardware Weaknesses and Vulnerabilities - The CWE Top 25 (2020 Edition)

Sep 7, 2020 By Matthew Jerzewski In Tripwire

So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE).

Read Post

Tripwire

Read more about Identifying the Most Dangerous Common Software and Hardware Weaknesses and Vulnerabilities - The CWE Top 25 (2020 Edition)

Fix now: High risk vulnerabilities at large, September 2020

Sep 4, 2020 By Simon Roe In Outpost 24

Since the start of the pandemic we’ve been writing about the latest CVEs to look out for in our risk based vulnerability management blog. As we head into the Autumn and the nights begin to draw in, threat actors continue to exploit vulnerabilities the world over. Let’s take a look at some that have raised their profile in the last couple of weeks.

Read Post

Outpost 24

Read more about Fix now: High risk vulnerabilities at large, September 2020

Summer 2020 Product Release

Sep 1, 2020 By Outpost 24 In Outpost 24

Learn about the new product features or watch the video highlight of our Summer release to help you manage vulnerabilities more effectively and automate security hygiene across the full technology stack with less effort.

Read Post

Outpost 24

Read more about Summer 2020 Product Release

Predictive Risk-Based Vulnerability Management

Sep 1, 2020 By Outpost 24

Are you struggling to triage through tons of findings to identify the greatest threats and patch more effectively? You are not alone! With speed being the biggest challenge to effectively patch, this whitepaper looks at how existing prioritization works with CVSS scoring and how a risk based approach with machine learning can be applied to align corporate risk appetite and drive better decision making for optimal efficiency.

Get White Paper

Outpost 24

Read more about Predictive Risk-Based Vulnerability Management

Build Security Into Your SDLC With Coverity

Sep 1, 2020 By Synopsys

Are your developers getting discouraged by too many false positives from security tools that slow them down? You need a solution that boosts their productivity, finds real vulnerabilities, and provides expert remediation guidance. Coverity will help you achieve this and more. Learn how you can assess the ROI of implementing Coverity into your SDLC, quickly build secure applications, and accelerate your software velocity.

Get White Paper

Synopsys

Read more about Build Security Into Your SDLC With Coverity

Vulnerability assessment | ManageEngine Vulnerability Manager Plus

Aug 25, 2020 By ManageEngine In ManageEngine

ManageEngine Vulnerability Manager Plus is a prioritization driven threat and vulnerability management solution for enterprises with built-in remediation. This video covers how you can utilize Vulnerability Manager Plus to discover vulnerabilities, put them in context to understand their impact and urgency, and swiftly remediate the imminent vulnerabilities with a built-in patching workflow.

View Video