The CFEngine engineering team has recently discovered two security issues in the CFEngine Enterprise product: While the latter one (CVE-2021-36756) only affects CFEngine Enterprise deployments using the Federated Reporting functionality, the former one (CVE-2021-38379) affects all deployments running all supported versions of CFEngine Enterprise (and many unsupported versions, 3.5 or newer, to be more precise).

It does this by delivering automated insight into your risk exposure and helps you to prioritize, based on adversarial risk. In particular, it provides real-time intelligence on vulnerability exploits that are actively trending in the wild, and those that have ties to ransomware.. Ivanti Neurons for Patch Intelligence combines this risk-based prioritization with patch reliability data to help you focus your testing efforts and reduce the overall time to patch.

When measuring the success of large-scale transformations—particularly in the technology space—it’s natural to look at hard metrics, such as cycle time, mean time to recovery (MTTR), and so on. In IT, for example, hard metrics are what we do all day long. But within any organization, change is ultimately personal. In my experience, relying exclusively on hard numbers often leads you to ignore the human side of transformation, and sometimes even action the wrong things.

Deep in the woods, where trees are black and the air is thick, steam rises wistfully across the damp ground. A single dirt track, barely wide enough to pass, scars the terrain for what seems like an endless number of miles. It winds its way through the mountains and valleys, across a rickety bridge over a cavernous ravine, before plunging back into darkness, the trees bending over as if to grasp those passing through. Finally, in a small clearing, a lonely decrepit wooden cabin reveals itself.

Controlling access to sensitive data is tough. Be too restrictive, and your employees run into too many roadblocks to do their jobs effectively. Too loose, and you are effectively guaranteeing that your organization will find itself on the front page as a victim of one of the many data breaches happening every day. That is why it is important to craft an effective data security strategy: one that relies on automation and oversight to ensure the privacy of your users’ data.

It’s Cyber Security Awareness Month, and many IT professionals are being haunted by the thought of gearing up for a security and compliance audit. Preparing for an IT audit can take months of planning. It can be time-consuming, uncomfortable, and stressful. Guess what else takes a long time and can be uncomfortable and stressful? Creating a human!

I am excited to announce the launch of our latest network security offering known as Ivanti Neurons for Secure Access (nSA). This new cloud-based management solution will allow our existing L3 VPN customers using Connect Secure to take the next step in their journey toward a zero trust architecture. And this all can happen while still utilize existing Connect Secure VPNs that are already setup and configured.

Not every organization is - or even wants to be - a Fortune 500. Unfortunately, cybercriminals don’t care how big your company is. In fact, they often look to target small and midsize businesses (SMBs) knowing that they might have fewer security resources. You have the same problems that the big companies have, but you also have less money and people. Using centralized log management can give you the security solution you need, at a price you can afford.

If you’re like me, you started your week by reading the Microsoft blog about Nobelium, an advanced-persistent-threat (APT) group that was actively targeting cloud service providers (CSPs) and managed services provider (MSPs) in a recent wave of supply chain attacks. Personally, I wasn’t terribly surprised. We all know by now that MSPs have a bullseye on them for adversaries wishing to target the supply chain. What’s different about this attack is the motive.