Threat and Vulnerability Management
Threat and Vulnerability Management | News, how-tos, features, reviews, and videos
HackerOne launches Attack Resistance Management solution to boost cyber resilience
Vulnerability coordination and bug bounty platform says its new solution addresses attack resistance gaps by blending the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement.
New attack surface management product takes full-stack aim at software supply chain threats
Data Theorem's Supply Chain Secure offers continuous runtime analysis and dynamic inventory discovery.
Syxsense launches vulnerability monitoring and remediation solution
The new solution promises to address three key elements of endpoint security – vulnerabilities, patching and compliance.
15 most exploited vulnerabilities of 2021
Global cybersecurity advisory highlights the 15 most targeted vulnerabilities of 2021, indicating that attackers targeted exploits both old and new last year.
![A user reviews data and statistical models. [analytics / analysis / tracking / monitoring / logging]](https://images.idgesg.net/images/article/2020/08/user_reviews_data_tracking_monitoring_analytics_event_logging_analysis_threat_detection_by_laurence_dutton_gettyimages-1170687091_2400x1600-100855964-small.3x2.jpg?auto=webp&quality=85,70){kind=tracking}
Proficio launches detection and response service to tackle identity-based threats
MDR firm claims solution is the industry’s only vendor-agnostic open XDR solution that supports identity threat detection and response.
Drones as an attack vector: Vendors need to step up
Growing commercial use and few built-in defenses make drones an attractive target for malicious actors.
Bitdefender enters native XDR market with new offering
GravityZone XDR promises to reduce attacker dwell time with robust detection, quick triage, and automated threat containment.
Russia’s AI setbacks will likely heighten its cyber aggression
As sanctions hamper Russia's plans for AI dominance, it might turn up its cyber activities to hamper other countries' AI efforts.
Who is your biggest insider threat?
Phishing simulations aren't enough for identifying your organization’s most vulnerable insiders or minimizing their risk.
CrowdStrike and Mandiant form strategic partnership to protect organizations against cyber threats
Vendors say the partnership combines CrowdStrike’s Falcon platform with Mandiant’s breach investigation and response services offering tighter platform integrations, industry-leading intelligence, and shared expertise.
![Digital bugs amid binary code. [security threats / malware / breach / hack / attack]](https://images.idgesg.net/images/article/2020/09/digital_bugs_amid_binary_code_security_threats_malware_breach_hack_attack_by_whatawin_gettyimages-1188254819_2400x1600-100858616-small.3x2.jpg?auto=webp&quality=85,70)
Zoom’s bug bounty ROI clear as program pays $1.8 million to fix over 400 bugs
The firm’s CISO reflects on bug bounty ROI and selling the concept to senior leadership.
![Computerworld - Scary Tech [Slide-05] - Encryption systems with backdoors](https://images.idgesg.net/images/article/2017/10/cw_scary_tech_05-100740219-small.3x2.jpg?auto=webp&quality=85,70)
Best advice for responding to today's biggest cyber threats
Scary new threats don't necessarily require big changes to your security infrastructure. These simple actions can be more effective and less disruptive.
New insider threat: Bad business decisions that put IP at risk
The U.S. FTC forced Weight Watchers to destroy algorithms after it violated privacy laws, giving CISOs another worry over protecting intellectual property.
Russia-linked cyberattacks on Ukraine: A timeline
Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.
Why CISOs everywhere should pay attention to the US global threat assessment
The recent Global Threat Assessment briefing and the ODNI’s threat assessment report provides valuable insight on what to expect from the country's most dangerous adversaries.
IriusRisk launches Open Threat Model standard to secure software development lifecycle
The OTM standard, published under a Creative Commons license, aims to generate greater connectivity and interoperability between threat modeling and the software development lifecycle.
MITRE and partners build insider threat knowledge base
MITRE Engenuity and major business partners have developed an knowledge base of malicious insiders' tactics, techniques and procedures.
