BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘vulnerability’

cs_patch-view-680x484

Patching is Still a Challenge? Yup.

Posted March 14, 2012    Morey Haber

eEye has always taken a “zero gap” approach to our threat management product strategy. That thinking has been the driver for our market firsts in support for new technologies such as cloud, mobile, and virtualization vulnerability management. These new technologies bring tremendous benefits, but they also bring risks with them as well, which must be…

Tags:
, , , , ,
factormythimage-98x98

Don’t believe everything you hear when it comes to security

Posted March 1, 2012    Sarah Lieber

Our good friend Ellen Messmer, recently published Network World article “13 security myths you’ll hear — but should you believe?”  , which listed common security myths shared and commented on by some of security’s leading experts and practitioners. Working at a security company, I work (and also sit) closely with a stellar team of researchers….

Tags:
, , , ,
eeye-451logos

Missed it Live? Watch the “Big Security Data” Webinar with 451 Research & eEye Here.

Posted February 29, 2012    Sarah Lieber

Recently, 451 Research and eEye hosted the webinar “Turning Your Big Security Data into a Big Advantage”. This discussion was on the topic of “Big Data” and how it relates to today’s security landscape. Featuring 451’s Andrew Hay, we covered how today’s enterprise IT and security teams can best leverage their ‘big security data’ to make…

Tags:
, , , , , , ,
ciso-up-at-night-98x98

5 Things That Keep a CISO up at Night

Posted January 20, 2012    Sarah Lieber

Recently I had the unique experience to attend a presentation given by the CISO of a major entertainment network which took place at eEye’s annual sales and marketing kickoff.  It was an excellent presentation, where he shared things like his past experiences, how he and his team select security products and which metrics matter most…

Tags:
, , , , , , , , , ,
img-64

Samsung Mobile Devices Vulnerable to Website Wipe

Posted October 16, 2011    Peter McCalister

According to IBTimes, Samsung, one of the leaders in manufacturing Android devices, has a very serious bug in their TouchWiz implementation of Android. Samsung, like most manufacturers, modifies the stock Android image to add in its own modifications and enhancements.

Tags:
, , ,
bigdata-98x98

Prioritizing Vulnerability Assessment and Remediation Steps: A New Users Guide to Getting Started – Part 2

Posted February 22, 2011    Morey Haber

The odd part about writing weekly blogs is the amount of discussions that start internally, with clients directly, and sometimes through straight blog comments. After writing “A New Users Guide to Getting Started” article, my team indicated several really good ideas for a Part II follow-up blog. Simply, just getting started with vulnerability management is not enough….

Tags:
, , ,
MR

More Than Just Patch Management for Remediation

Posted December 9, 2010    Morey Haber

I have been combing though some vulnerability reports and the vast majority of remediation strategies revolve around applying a patch. Simple in concept; install this patch, and the vulnerability is mitigated. The difficulty arises when you have vast quantities of the patch to deploy, are unsure whether the security update breaks any other function or…

Tags:
, , , , , , ,
img-65

Retina Helps Identify Weak Certificates

Posted October 16, 2010    Peter McCalister

Microsoft has released a Security Advisory for the upcoming patch to increase minimum bit levels of certificates to 1024 bit security advisory 2661254. The expected release date for this patch is Oct 9th at which time the update will be available through Windows Update.

Tags:
, , , , ,

When Your Vulnerability Scanner Breaks Your Compliance

Posted August 30, 2010    Marc Maiffret

At eEye Digital Security we strive to make sure our Retina Network Security Scanner technology not only has great auditing capabilities for missing patches and misconfigurations, but also for remotely exploitable server vulnerabilities. We have been a pioneer in the space of non-intrusive, unauthenticated, vulnerability checks for many years now. In fact, on more than…

Tags:
, , ,