vulnerability management
How to build an effective vulnerability management program
The concept of vulnerability management has undergone a number of changes in the last few years. It is no longer simply a synonym for vulnerability assessment, but has grown …
February 2019 Patch Tuesday: PrivExchange hole plugged
For the February 2019 Patch Tuesday, Microsoft has released fixes for over 70 CVE-numbered vulnerabilities, 20 of which are rated Critical. Also rated Critical are the Adobe …
0patch releases micropatch for Windows Contacts RCE zero-day
ACROS Security, the creators of 0patch, have released a micropatch for a recently revealed zero-day RCE flaw affecting Windows. About the vulnerability and the micropatch …
Vulnerabilities’ CVSS scores soon to be assigned by AI
The National Institute of Standards and Technology (NIST) is planning to use IBM’s Watson to evaluate how critical publicly reported computer vulnerabilities are and …
Building security into DevOps versus bolting it on
In this podcast, Hari Srinivasan, Director of Product Management for Qualys, talks about building security into DevOps versus bolting it on, specifically for containers. …
Qualys Community Edition: Discover IT assets, manage vulnerabilities, scan web apps
In this podcast recorded at Black Hat USA 2018, Anthony Mogannam, Product Manager, SME/SMB Solutions at Qualys, talks about issues related to open source software and Qualys …
Incorporating sensitive asset data into your vulnerability and compliance program
In this podcast recorded at Black Hat USA 2018, Tim White, Director of Product Management, Policy Compliance at Qualys, talks about the importance of incorporating …
Why do enterprises take a long time to install vital security updates
More than a quarter (27%) of enterprise IT departments in the US are forced to wait at least a month before installing vital security updates, due to budgetary restraints and …
Endpoint breach prevention by reducing attack surfaces
In this podcast recorded at Black Hat USA 2018, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about endpoint breach prevention by reducing …
Qualys and IBM X-Force Red help orgs identify, fix most critical vulnerabilities
Qualys announced that IBM X-Force Red will leverage the Qualys Cloud Platform as part of its X-Force Red Vulnerability Management Services (VMS). As part of an expanded …
GitHub adds Python support for security alerts
GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also …
The importance of threat intelligence and vulnerability remediation prioritization
In this podcast recorded at RSA Conference 2018, Jimmy Graham, Director of Product Management, Vulnerability Management at Qualys, talks about the importance of threat …