BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘vulnerability management’

blackholetoolkit1

BlackHole toolkit targets Microsoft XML Core Services flaw

Posted August 1, 2012    Sarah Lieber

Blackhole is a popular exploit kit used to inject malware onto PCs that visit an exploited site, or are redirected to such a site from another, compromised website.  As hackers get bolder they use these types of toolkits to compromise computer networks.  This allows less sophisticated individuals and organizations to compromise computer networks since these…

Tags:
, , , , , , , ,
img-android

Off the beaten Google Market

Posted July 10, 2012    Jerome Diggs

There have been a number of recent articles and blog posts around Android devices infected with various malware and malicious apps.  One recent nasty piece of malware found in many Chinese Android app stores is ‘Trojan!MMarketPay.A@Android’.   The interesting feature of this malware is that it can run up an unsuspecting user’s cell phone bill by…

Tags:
, , , , , , , , ,
ibm-bt-webinar-logo

5 ways to protect your sensitive data in the cloud – webinar with IBM

Posted June 12, 2012    Sarah Lieber

In 2 weeks, we’ll be hosting a live webinar with IBM’s Ed Bottini, Cloud Ecosystem Program Director and our own, Jim Zierick, EVP of Product Operations to discuss ways to protect your sensitive data in the cloud. We know cloud security is on everybody’s mind so be sure to join us on Tuesday, June 26 at 9AM-10AM PDT….

Tags:
, , , , , , , ,
gear6-98x98

Configuration Mistakes Make for Costly Security Gaps

Posted May 25, 2012    Daniel Jacobowitz

Earlier this week, Brian Prince over at Security Week posted an article on a subject that we’ve always been passionate about here at eEye, now BeyondTrust, Research – and that’s configuration.  More specifically, the incredible impact that smart, effective configuration can have on reducing attack surface for any size organization.

Tags:
, , ,
einstein

Call it Genius. Our Smart Groups Make Vulnerability Management Simple for Security Teams

Posted April 20, 2012    Morey Haber

eEye R&D has been hard at work on optimizing how our enterprise clients can manage and schedule assessments within Retina CS. These efforts will increase the efficiency of how our clients perform assessments across their IT infrastructure – be it their traditional server or desktop assets, or new technologies like mobile, virtual and cloud.

Tags:
, , , , , ,
eye in the sky_smaller-resized-600.jpg

Top VM Reports for Daily Security

Posted February 15, 2011    Morey Haber

Like most security professionals I subscribe to a plethora of email lists from Dark Reading to Threat Post.  Every day I receive their news and review the titles in their daily summary emails and drill into a few that may catch my eye.  The thing I like about this approach is that I receive a…

Tags:
, ,
img-mobile

Referential Integrity When Performing a Vulnerability Assessment

Posted January 25, 2011    Morey Haber

James Thurber wrote back in 1959, “When all things are equal, translucence in writing is more effective than transparency, just as glow is more revealing than glare.” The critical aspect of his statement is based on equality. When using multiple distributed applications, regardless of technology, having the same version on all the systems is sometimes…

Tags:
, ,
Team

Vulnerability Management in a Data Warehouse

Posted November 16, 2010    Morey Haber

Have you ever been asked, “How long has that vulnerability been in our systems?” Have you ever wondered if your patch management process is keeping up with the number of new vulnerabilities being identified? Keep reading…

Tags:
, , , , , , ,

The Value of a Zero-Day Vulnerability Assessment Scanner

Posted October 26, 2010    Morey Haber

Let’s assume your business is near perfect. You have a proven and reliable vulnerability management lifecycle in place and identification of vulnerabilities and patch remediation happens like clockwork. Finding lingering threats or missing patches is a rarity and even your endpoint protection solution never fails catching the latest malware. Like I said, a near perfect…

Tags:
, , , , , , ,

New eEye Zero-Day Tracker Site is Up!

Posted September 22, 2010    Marc Maiffret

We are excited to announce the re-launch of our Zero-Day Tracker service. The Zero-Day Tracker, or ZDT, is your one-stop resource for an at-a-glance view of existing Zero-Day vulnerabilities. This includes descriptions of the extent and impact of the vulnerability and any potential mitigation that your IT team could take against a given Zero-Day vulnerability….

Tags:
, , , ,