scanning
The most common exploit paths enterprises leave open for attackers
Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server …
An offensive mindset is crucial for effective cyber defense
As ransomware attacks continue to increase and cybercriminals are becoming more sophisticated, the federal government has implemented a more proactive approach when it comes …
How to identify vulnerabilities with NMAP
In this video for Help Net Security, Shani Dodge Reiner, Development Team Leader at Vicarius, explains how to identify vulnerabilities using the NMAP tool. NMAP is a very …
Why a modern vulnerability management strategy requires state-of-the-art solutions
In this interview with Help Net Security, Stephen Carter, CEO at Nucleus Security, explains the importance of having a vulnerability management strategy within an …
Solving the problem of secrets sprawling in corporate codebases
GitGuardian announced the results of its report which extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in …
The importance of implementing security scanning in the software development lifecycle
Veracode published a research that finds most applications are now scanned around three times a week, compared to just two or three times a year a decade ago. This represents …
Why vulnerability scanners aren’t enough to prevent a ransomware attack on your business
Vulnerability scanners are still essential tools for defenders protecting enterprise and government networks. But given the rapidly increasing complexity of today’s …
The importance of vulnerability management for your organization
Everyone is familiar with home burglaries. Criminals case a house looking for easy access through open windows, unlocked doors, open garages, and the like. Hackers take the …
Blocked DDoS events up 75% in the first nine months of 2021
Radware has published results from its report which provides an overview of the DDoS attack landscape, application attack developments, and unsolicited network scanning …
Nessus 10 is out, with Raspberry Pi support
Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to deploy the …
Secure your databases against opportunistic attackers
If you connect databases / servers to the internet and secure them poorly, you can count on them getting compromised quickly. According to findings by Radoslaw Zdonczyk, …
How to harden Kubernetes systems and minimize risk
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a report which details threats to Kubernetes environments and …