BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘vulnerability management’

shellshock-beyondinsight

Keeping Track of Shellshock Vulnerabilities with Retina CS and BeyondInsight

Posted October 2, 2014    Jerome Diggs

Worried about BASH Shellshock? Retina CS Enterprise Vulnerability Management can scan your environment to identify applications affected by Shellshock. BeyondTrust has generated several Retina vulnerability audits to help our customers identify the various permutations of applications affected by Shellshock. The BeyondInsight Analytics and Reporting engine, included with Retina CS, makes it simple to view and…

Tags:
, , , ,
PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,
smart-rules-manager-assets

Where Passive Scanning Falls Short

Posted July 11, 2014    Morey Haber

In many sports, as in business, teams will promote a strategy to gain an edge – even if the concept is possibly flawed. Consider an American football hurry-up offense: will it cause the defense to stumble, or will it just exhaust the offense? The play has potential pros and cons, and many strategic technologies are…

Tags:
, , , , , , ,

Webcast Recap: “6 Best Practices for Privilege Management, Vulnerability Management, and IP Protection” with Larry Brock

Posted June 27, 2014    Chris Burd

In the latest on-demand webcast, BeyondTrust joins Larry Brock, the DuPont, USAF and NSA veteran and principal of Brock Cyber Security Consulting, to discuss “6 Best Practices for Privilege Management, Vulnerability Management, and IP Protection.” Below is a summary of key takeaways from the webcast, plus an on-demand video recording of the full presentation. Brock…

Tags:
, , , , ,
users-graphic-0614

Statistics, Claims, Marketing and Leadership in IT Risk Management

Posted June 12, 2014    Morey Haber

Good marketing plans and effective technology can place unmovable stakes in the ground in terms of statistics and claims. You see these every day in the form of ROI calculations, customer results, performance figures … the list goes on. The intention, to put it bluntly, is to point out differentiators that help customers select one…

Tags:
, , , , , ,
enter-here-computer

Accounting for Vulnerability “States” in Your Risk Assessments

Posted June 9, 2014    Morey Haber

Vulnerability management (VM) processes have had to evolve exponentially in recent years. Most of this evolution has occurred in terms network coverage, as scanners have moved beyond conducting sequential assessments to advanced agent, connector and credentialing technologies. However, most VM applications are still unable to provide meaningful data for prioritizing vulnerabilities in terms of real…

Tags:
, , , , ,

Webcast Recap: Surviving the Vulnerability Data Maelstrom with Dave Shackleford

Posted May 21, 2014    Chris Burd

If your vulnerability management (VM) processes are like most, you’re drowning in information and wondering whether your scanning and reporting tools are revealing true risks or sending every tiny issue your way for review. Unfortunately, getting alerts for low-level vulnerabilities and false positives is still considered a standard best practice. But to free themselves from…

Tags:
, , , , ,
RCS-Mobile-Blog-IMG

Identifying Android Phone Vulnerabilities that Threaten Your Corporate Network

Posted May 20, 2014    Morey Haber

According to a recent McKinsey survey, more than 80% of employees now use personal smartphones for work-related purposes. Vulnerable smartphones can spread malware to business infrastructure via emailed attachments and to corporate networks through bots. Assessing mobile devices for vulnerabilities that could lead to infections and data manipulation is therefore a real concern for data…

Tags:
, , , , , , , ,
smart rules manager for vulnerabilities - v2

A New Way of Looking at Vulnerabilities in Your Environment

Posted April 23, 2014    Morey Haber

Assets, users, vulnerabilities and exploits; all are common themes in my posts on BeyondInsight. With BeyondInsight v5.1, we unveiled a new way to view exploitable assets. Sure, most vulnerability management solutions link vulnerability data to exploit information, allowing tools like NeXpose and QualysGuard to list an asset, its vulnerabilities, and any related exploits. BeyondInsight does…

Tags:
, , , , ,
smart rules manager for vulnerabilities

Staying on Top of the Latest Vulnerabilities with BeyondInsight v5.1

Posted April 21, 2014    Morey Haber

It’s no secret that dozens of new OS and application vulnerabilities are revealed every day. Staying on top of these new exposures normally requires paying for services or subscribing to multiple RSS feeds. BeyondInsight 5.1 provides customers with another option: a built-in, customizable vulnerability alerting system that delivers up-to-date information on the latest vulnerabilities in…

Tags:
, , , , , ,