Socura Launched New Managed Vulnerability Scanning Service

Socura has launched a new Managed Vulnerability Scanning (MVS) service. The MVS service from Socura is developed to assist clients in identifying potential vulnerabilities and misconfigurations across all on- and off-premises systems, including their local network, cloud applications, web applications, and mobile devices.

The service enables users to prioritize their remediation efforts while adhering to cyber security regulations and resolving security issues. The MVS service provides continuous vulnerability identification and mitigation and can run on-demand or on a schedule. It will assist Socura’s SOC team in limiting the success of attempted cyber-attacks.

Andrew Kays, CEO of Socura, commented, “Our MVS service empowers our customers to be more focused when protecting their IT assets, allowing them to focus their efforts in areas that will make the greatest difference. The data from our MVS tools will also feed into the SOC to help our team understand potential customer weaknesses, how to mitigate them, and ultimately ensure they are well protected. This is more important than ever, with vulnerabilities evolving as systems are updated, and new attack techniques becoming available”.

The MVS’s insights will improve Socura’s SOC capabilities by giving its analysts more context, which they can use to protect customer environments and set the order of importance for attack surface reduction initiatives. The advanced MVS service will provide customers with a full breakdown and prioritization of vulnerabilities, as well as an analysis of their potential impact and actionable insights for internal teams’ defensive efforts.

MVS is available for customers with two levels of service. Under the standard service, Socura will deploy the vulnerability scanning platform for clients, including setup, management, onboarding, scanning, and regular reporting. The advanced MVS service also includes an assessment of MVS scan results by Socura’s SOC team.

Socura’s MVS service includes features such as continuous vulnerability scanning and management, new asset discovery across the IT estate, monthly vulnerability reports, identification, and evaluation of vulnerabilities, including any threats that may exploit them, and actionable insights from Socura’s expert SOC analyst team.

Zyxel Communications And SEC Consult Formed Partnership To Improve Cybersecurity

Zyxel Communications today announced a partnership with SEC Consult, a leading consultancy in cyber- and application security. The collaboration between the two companies will further strengthen Zyxel’s cybersecurity strategy by expediting and optimizing the ability to respond to threats and vulnerabilities posed by increasingly-complex and ever-evolving cybersecurity threats.

Zyxel Communications announced a partnership with SEC Consult, a prominent cyber- and application security firm. The partnership will boost Zyxel’s cybersecurity strategy by accelerating and improving the company’s capabilities to respond to risks and vulnerabilities caused by incredibly challenging and ever-evolving cybersecurity threats.

End-users are heavily dependent on information-sensitive online services as digitization pervades daily life and online communications tools become crucial for many services. As a result, leading internet service providers are placing an even greater emphasis on network security.

Ensuring a secure development and software architecture

To maintain the highest level of product security, Zyxel, a prominent broadband access provider, has a thorough security strategy and already employs a dedicated security team. The partnership with SEC Consult is aimed at addressing the problems that software-driven products can cause by exposing the network to unidentified security vulnerabilities. The firms collaborated to perform a thorough organisational and technological review that will result in an overall optimization of Zyxel’s safe software development process and security verification methods, with the goal of detecting and eliminating potential security risks.

SEC Consult also did a vulnerability assessment, which included a look into the software for a few Zyxel devices. The assessment’s findings were given to Zyxel’s specialised security team as input for a secure development and software architecture.

SEC Consult will now assist Zyxel in implementing a firmware security analysis platform as a regular security review mechanism in order to automate the security analysis method in the long run.

Raising the overall security level

“Cybersecurity should be considered from the very beginning. It is important to cooperate as early as possible in the value chain, starting with the manufacturers. Additionally, continuous improvement and regular assessments are just as important as the sustainable creation of security awareness in the company. We are proud that our company is supporting Zyxel to prevent, handle, and manage security vulnerabilities more efficiently in the future,” says Wolfgang Baumgartner, General Manager SEC Consult Group.

“The cooperation with SEC Consult will help us to reinforce our security awareness among employees through well-designed training programs. We expect to escalate our product security level through proactive vulnerability prevention,” said Gavin Yeh, Senior Director, EMEA CPE SBU at Zyxel.

BlackBerry and Deloitte Formed an Alliance to Secure IoT Software Supply Chains

BlackBerry Limited and Deloitte announced that they are collaborating to assist OEMs to secure their supply chains by building mission-critical applications.

As part of the agreement, Deloitte will use the BlackBerry® Jarvis tool to provide open source software (OSS), common vulnerabilities and exposures (CVE) and software bill of materials (SBOM) analyses to help its clients in the medical, automotive and aerospace industries ensure safe and secure software.

In order to ensure the safety of its traffic management and wider transport infrastructure, the G7 Transportation Ministry has selected the joint software and services of the companies.

“We’re thrilled to partner with Deloitte to help OEMs and those responsible for critical infrastructure better understand their embedded systems security challenges with a view to ensuring their end products are both secure and updated with the most recent security patches. Just as a health-conscious grocery shopper can benefit from scrutinizing nutrition labels on food packages, an embedded software developer can gain a whole host of insights by leveraging tools and expertise that enable them to detect issues in their supply chain that may have real implications for intellectual property disputes, security risks and overall quality,” said Adam Boulton, Chief Technology Officer, BlackBerry Technology Solutions.

BlackBerry Jarvis is designed to respond to the increasing complexity and threats to cyber-security among multi-stage supply chains. It enables OEMs to monitor their code origin and each software asset in their supply chain to ensure their products are both safe and upgraded with the latest safety patches.

BlackBerry Jarvis identifies vulnerabilities and flags where deeper action is needed within minutes. Manual scanning would otherwise require a large number of experts and an impractical amount of time.

Stephen Meagher, Director of IOT for Risk Advisory, Deloitte said, “Deloitte is very excited to partner with BlackBerry. Our already productive relationship will focus on key mobility and other market opportunities. We’re confident that BlackBerry’s deep security heritage and expertise complemented by Deloitte’s world leading Risk Advisory teams will create a compelling value proposition for new and existing clients.”

Snyk Secures $75 Million Funding

Snyk, the global leading developer security firm, announced that it has raised $75 million in a Series F funding round from Atlassian Ventures and Salesforce Ventures. Snyk is committed to advancing developer security by equipping millions of development partners to build security in early without sacrificing the speed that their business needs to compete successfully. The round pushes the value of the company to $8.6 billion and the capital total to $850 million, more than 10% of which comes directly from Atlassian Ventures and Salesforce Ventures.

In close collaboration with Snyk, Atlassian and Salesforce aim to make it easier for the global developer population, estimated at 26.2 million by 2020 and expected to reach 43.2 million by 2025, to identify, fix and monitor vulnerabilities in their existing workflows.

“For Atlassian and Salesforce, this investment in Snyk is more than just capital. Like Snyk, these two industry leaders are fiercely committed to empowering developers to embed security into the entire application. We are humbled by their true, long-term commitment to evolving the legacy security industry through a developer-led approach,” said Peter McKay, CEO, Snyk.

“The desire to do things differently inspires us, and Snyk is reinventing the way organizations think about security. They are a vital part of our ecosystem, tightly integrated into our core products. We’re thrilled to further support their journey and together increase the millions of developers that benefit from their work,” said Chris Hecht, Head of Corporate Development, Atlassian.

“As an early investor since the company’s Series B, we are excited to deepen our partnership and continue to support Snyk as the leader in developer security. Snyk’s vision to empower developers to drive greater agility and digital transformation resonates, and we are excited to support them as both an investor and customer,” said Alex Kayyal, SVP & Managing Partner, Salesforce Ventures.

Rezilion Secures $30 Million In Series A Funding to Automate DevSecOps

Rezilion, a cyber startup that uses automation to change DevSecOps, today received a $30 million investment in Series A funding led by Guggenheim Investments. Current and former cybersecurity professionals and luminaries from Google, Microsoft, CrowdStrike, IBM, Cisco, PayPal, JP Morgan Chase, Nasdaq, eBay, Symantec, RedHat, RSA, and Tenable contributed to the round, as did new investment partners JVP and Kindred Capital.

With DevOps, code development has become fully automated, yet there is now a crippling bottleneck between engineering and security teams. Understanding, mitigating, and limiting the risk associated with the huge volume of code published by corporations every day is a constant problem, and it still involves extensive manual work by highly skilled engineers. As a result, businesses must choose between remaining secure and distributing products quickly.

Rezilion makes security as agile as DevOps by automating repetitive security bottlenecks. It is the only approach that significantly minimizes the amount of security effort necessary to deploy new digital products while maintaining the security of software platforms. Clients who use Rezilion’s vulnerability validation technology have decreased their patching backlog by more than 70% on average, freeing up important engineering resources to focus on product expansion.

“Rezilion’s product suite is a game changer for security teams. It creates a win-win, allowing companies to speed innovative products and features to market while enhancing their security posture. We believe Rezilion has created a truly compelling value proposition for security teams, one that greatly increases return on time while thoroughly protecting one’s core infrastructure,” said Rusty Parks, Senior Managing Director of Guggenheim Investments.

“At Rezilion, we are deeply committed to helping organizations drive their own innovation by reducing the resource drain, inaccuracies and operational friction created by manual security work. We know there’s never been a better time for organizations to experience what we call ‘trust in motion,’ or the peace of mind that comes from moving fast while staying safe and secure,” said Liran Tancman, co-founder and CEO of Rezilion.

“Our technology brings developers and security teams together. This funding round will allow us to dramatically accelerate our vision by advancing product development and driving growth on a global scale,” says Shlomi Boutnaru, co-founder and CTO of Rezilion.

“Rezilion’s pioneering approach generates a host of benefits to meet the needs of CEOs, CIOs and CISOs, from expediting digital transformation, faster product rollouts and enhanced productivity and compliance to the adoption of state-of-the-art development best-practices and the guarantee of better security and improved ROI. Under the proven leadership of Liran and Shlomi, we look forward to expanding Rezilion’s markets and offerings to provide more value based on its unique technology,” stated Yoav Tzruya, General Partner at JVP.

The funds will be utilized to rapidly accelerate Rezilion’s go-to-market strategy, including partnering with other DevSecOps solution providers and expanding operations across the US and Europe. Additional product development attempts to bridge the gap between security and engineering, increasing the productivity of both teams so that software can be delivered on time and businesses can innovate more quickly.

Microsoft, CISA recommend Mitigations for Zero-Day RCE vulnerability in Windows

Microsoft and government cybersecurity authorities are urging businesses to implement mitigations for a zero-day remote code execution (RCE) vulnerability in Windows operating systems that attackers are attempting to exploit using specially crafted Microsoft Office documents.

Microsoft released a statement on their website –

“Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.

An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.”

Vulnerability Management – Insights

The process of identifying, analyzing, classifying, and remediating vulnerabilities depending on the risk they constitute to an organization is known as vulnerability management (VM). A vulnerability scanner is the key technical component of this procedure since it detects resources connected to a company’s network and assesses them for vulnerabilities.

A vulnerability scanner checks a computer system for known vulnerabilities such as insecure software configurations, open ports and susceptibility to malware infection. A zero-day vulnerability is one that is unknown or brand new. Exploiting flaws in operating systems, devices, browsers, and third-party applications to infect end-user devices is the first step in many cyber attacks and security breaches. Identifying and repairing these vulnerabilities before cybercriminals can exploit them is a preventive security technique that should be included in any security program.

The Elements of Vulnerability Management are –  

Plan: Begin by specifying the scope of the vulnerability management system, including what will be scanned and how it will be scanned. Security teams need to decide the frequency of scanning, which resources are the most important, and who has authority over them.

Scan: An organization’s entire network is scanned for vulnerabilities, insecure devices and software setups, and compliance with security regulations. Internal scanning evaluates the cybersecurity of an organization’s network inside the firewall, whereas external scanning is done from the outside. Scanning both internally and externally provides a complete picture of risks.

Remediate: Remediation priorities are set based on the severity of the threat and the importance of the resource to the organization, and each vulnerability is then assigned to an employee who will remediate it. Low-level vulnerabilities are resolved after high or critical vulnerabilities.

Track Progress: A company needs to check the success of its vulnerability management programme. To do this, it needs to define a baseline, set success indicators, and track progress towards its goals. To keep improving the vulnerability management system, it also needs to add the latest or newly discovered zero-day vulnerabilities to its database.

Proof of Concept

A proof of concept helps in understanding the technical and financial implications of a vulnerability. It also helps in remediating the vulnerability.

Risk Scoring

Thousands of vulnerabilities can be discovered in an organization, which needs an advanced risk rating algorithm to figure out which systems to patch first for effective prioritization. To automate the prioritising of vulnerabilities, the risk score should include threat parameters such as exposure to exploits and viruses and the duration of the vulnerability.
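The following sketch is an added example, not code from any vendor or product named on this page. It combines the factors named in the Remediate step and in this section (severity, importance of the resource, exposure to exploits and malware, and how long the vulnerability has been open) into a single 0-100 score; the weights, the 180-day age cap, the field names and the sample findings are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Assumed weights for illustration only; tune them to your own environment.
SEVERITY_WEIGHT = {"low": 1.0, "medium": 4.0, "high": 7.0, "critical": 10.0}
ASSET_WEIGHT = {"low": 0.5, "normal": 1.0, "crown_jewel": 1.5}
AGE_CAP_DAYS = 180                      # age stops adding risk after this
MAX_RAW = 10.0 * 1.5 * 2.0 * 1.5        # largest possible raw product


@dataclass(frozen=True)
class Finding:
    finding_id: str
    asset: str
    severity: str            # key of SEVERITY_WEIGHT
    asset_importance: str    # key of ASSET_WEIGHT
    exploit_available: bool  # a working exploit is known to exist
    used_by_malware: bool    # malware is known to use this flaw
    first_seen: date         # when a scan first reported it


def risk_score(f: Finding, today: date) -> float:
    """Return a 0-100 score from severity, asset importance, threat and age."""
    if f.severity not in SEVERITY_WEIGHT:
        raise ValueError(f"unknown severity: {f.severity!r}")
    if f.asset_importance not in ASSET_WEIGHT:
        raise ValueError(f"unknown asset importance: {f.asset_importance!r}")
    base = SEVERITY_WEIGHT[f.severity] * ASSET_WEIGHT[f.asset_importance]
    # Threat exposure: each known exploitation path raises the multiplier.
    threat = 1.0 + 0.5 * f.exploit_available + 0.5 * f.used_by_malware
    # Duration: a finding left open grows riskier, up to the cap.
    # A first_seen date in the future (clock skew) counts as age zero.
    age_days = min(max((today - f.first_seen).days, 0), AGE_CAP_DAYS)
    age = 1.0 + 0.5 * age_days / AGE_CAP_DAYS
    return round(base * threat * age / MAX_RAW * 100.0, 1)


def prioritize(findings, today: date):
    """Return (score, finding) pairs, highest risk first, ties by id."""
    scored = [(risk_score(f, today), f) for f in findings]
    return sorted(scored, key=lambda pair: (-pair[0], pair[1].finding_id))


# Constructed sample data, not real scan output.
TODAY = date(2024, 1, 31)
SAMPLE_FINDINGS = [
    Finding("F-001", "web-01", "high", "crown_jewel", True, False,
            date(2023, 11, 2)),
    Finding("F-002", "lab-07", "critical", "low", False, False,
            date(2024, 1, 24)),
    Finding("F-003", "hr-db", "medium", "normal", True, True,
            date(2023, 1, 31)),
    Finding("F-004", "kiosk-3", "low", "normal", False, False,
            date(2024, 1, 30)),
]

if __name__ == "__main__":
    for score, f in prioritize(SAMPLE_FINDINGS, TODAY):
        print(f"{score:5.1f}  {f.finding_id}  {f.asset:8}  {f.severity}")
```

With these sample inputs the critical finding on a low-importance lab host ranks third, behind a high and a medium finding that have known exploits on more important assets, which is the effect a severity-only ordering misses.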

Scalability

As a company grows, so should its vulnerability management solution’s capacity. Companies should be able to increase capacity at low cost by adding scan engines to their current solution. The solution vendor should have expertise with similar-sized installations in larger environments.

Report Customization and Consolidation

Security teams can centrally manage prioritisation and remediation across the firm’s entire network, as well as monitor security risk and compliance trends, by combining data reports collected from each scan engine. On a single dashboard or user interface, the VM solution displays vulnerabilities, customizations, policy compliance, and other asset information like installed software. 

Bug Bounty and Vulnerability Disclosure Programs

Official vulnerability disclosure programs and policies define parameters for security researchers, commit businesses to refrain from legal action against those who follow their rules, and provide instructions on how to report discovered vulnerabilities. Some organizations offer monetary or other incentives to encourage security researchers to act in good faith. These incentives are commonly referred to as a “bug bounty” program. Several specialized organizations that are well-known in the security researcher community provide bug bounty program management and support services. Following the discovery of a vulnerability, companies generally issue a software patch or other fix.

The majority of cyber-attacks happen because there is a flaw or vulnerability in the software, so identifying vulnerabilities and fixing them is a crucial step. Because 100% secure software doesn’t exist, finding the flaws and fixing them is a continuous process that improves software security. Hence vulnerability management solutions’ cyber security market share is increasing.

NetSPI’s Penetration Testing and Vulnerability Management Platform now includes risk scoring

NetSPI, the industry leader in organizational penetration testing and attack surface management, has added risk scoring to its Resolve™ vulnerability management and penetration testing platform. NetSPI’s risk score intelligence in combination with Penetration Testing as a Service (PTaaS) assists clients in prioritizing, managing and remediating the vulnerabilities that pose the highest risk to their firm.

NetSPI’s new risk scoring integrates dynamically into PTaaS to deliver both a detailed vulnerability risk score and an aggregate risk score for a firm’s projects, assets, apps, and networks. NetSPI customers who use its penetration testing services have access to risk scoring. NetSPI clients can safely dedicate funds and resources to the most critical vulnerabilities by using risk rating.

The risk scores are used as a quantitative assessment for risk reduction over time, validation of cybersecurity expenditures, resource allocation, and benchmarking in the industry. With NetSPI’s risk score, organizations can appropriately prioritize vulnerability patching by taking into account business context and the threat landscape.

“There are varying approaches to assigning vulnerability severity, but risk today extends far beyond individual vulnerabilities. The key is to recognize the risks most likely to disrupt the business, identify the threats that would increase those risks, and prioritize the most appropriate mitigations to protect your organization from those threats. NetSPI’s risk scoring does just that,” said Jake Reynolds, Head of Product at NetSPI.

“Reactive cybersecurity is a thing of the past. Security leaders must get proactive and take a risk-based approach to stay ahead of today’s adversaries. Our risk scores enable NetSPI clients to make proactive security decisions based on their unique risk factors. In other words, it allows them to confidently allocate budget and resources to the vulnerabilities that matter most,” said NetSPI President and CEO Aaron Shilts.

GoVanguard completes acquisition of Gotham Security

GoVanguard, a technology security company, has completed the acquisition of Gotham Security. The acquisition enables GoVanguard to expand its cybersecurity leadership, strengthening its staff and experience to support clients’ growing need to prevent and mitigate disruptive threats like ransomware cyberattacks. The move is a crucial part of GoVanguard’s mission to raise security awareness and equip its customers with elite-level cybersecurity services.

GoVanguard provides security solutions to a wide range of sectors. Several worldwide enterprises, medium-sized companies, and small local businesses are among their clients, which span the financial, healthcare, insurance, and technology industries.

GoVanguard’s reputation has been established on its adversary simulation, risk reduction, threat management, and information security strategy techniques. By acquiring a five-year partner and market leader in red-teaming and pentesting, it gains the two key services for firms protecting against security threats and staying ahead of dangers to corporate information.

“As threat actors become more sophisticated, it’s become obvious that the best defense is to go on the offensive. Adversary simulation has become increasingly valuable for organizations looking to quickly gauge and improve their security position. After all, if you can’t measure it, you can’t improve it. Gotham Security has been a close partner for years and this was a natural next step to allow our red-teaming experts to take our clients’ defenses to the next level and continue our dedication to finding the security gaps before cybercriminals do,” said Mahdi Hedhli, GoVanguard CEO.

Blake Shalem, Gotham Security COO, will be joining GoVanguard as its Chief Customer Officer. Blake said, “This move allows us to elevate what we do best, which translates to a superior class of protection for our clients.”

With the acquisition of Gotham Security by GoVanguard, clients will be able to stay one step ahead of the cybercriminals, particularly in the areas of red-teaming and pentesting, which will help businesses remove security vulnerabilities before hackers strike.

“We’re doubling down on our commitment to improve the cybersecurity landscape by honing our focus on red teaming. We feel this is the area where GoVanguard makes the biggest impact for our clients and the industry as a whole,” Hedhli said.

DeepSurface Security Announces Endpoint Integration with Microsoft Defender

DeepSurface, the award-winning risk-based vulnerability management platform, has integrated with Microsoft Defender for Endpoint. DeepSurface can now automatically accept reports of vulnerabilities, missing patches, and misconfigurations across Microsoft, Linux, and Mac hosts provided by Microsoft Defender for Endpoint. DeepSurface then assesses and ranks vulnerabilities based on the possible risk to the company. With DeepSurface, vulnerability management teams can gain comprehensive insight into where their cybersecurity risks are, allowing them to swiftly lower the risk of a cyberattack on their company.

“Vulnerability Management plays a crucial role in improving an organization’s overall security posture, and Microsoft’s threat and vulnerability management capabilities are a great way for customers to easily add vulnerability data to their threat model. We’re excited to make DeepSurface easy to use for any customers deploying Microsoft Defender for Endpoint. The new integration means companies can implement a cost-effective method of contextual vulnerability prioritization in one easy-to-use interface,” said DeepSurface CTO and co-founder Tim Morgan.

DeepSurface is one of the few vulnerability management systems that take into account more than 50 different environmental factors. User and system account permissions, Active Directory configuration, critical and sensitive assets, installed software, user activity, network access, vulnerability scanner output (from Tenable, Qualys, Microsoft ATP, and Rapid7), and AWS Elastic Compute Cloud (Amazon EC2) attributes are among the items examined. All of these details are utilized to place vulnerabilities (and chains of vulnerabilities) in the context of an organization’s digital infrastructure.

Tomer Teller, Principal Security Program Manager at Microsoft, said, “We’re pleased to see DeepSurface integrate with our threat and vulnerability management capabilities in Microsoft Defender for Endpoint because it gives our mutual customers even more flexibility in designing a well-integrated vulnerability management program.”