Operations | Monitoring | ITSM | DevOps | Cloud

Vulnerability

ivanti

The Critical Role of the CMDB in Security and Vulnerability Management

Jul 23, 2024 By David Pickering In Ivanti
Effective security and vulnerability management is crucial to safeguard organizations from ever-evolving cyber threats. At the core of these practices lies the Configuration Management Database (CMDB), a powerful resource that offers a centralized view of an organization's IT infrastructure. The CMDB plays a pivotal role in upholding robust security and vulnerability management strategies – empowering organizations to proactively identify, evaluate and address risks to their IT systems and data.
Read Post
NinjaOne

Complete Guide: What Is Microsoft CVE-2023-28310?

Jul 19, 2024 By Lauren Ballejos In NinjaOne
Common Vulnerabilities and Exposures (CVE) is a system that identifies and catalogs security vulnerabilities in software and hardware. It is an essential tool for cybersecurity professionals, providing a standardized identifier for each vulnerability, which helps in sharing data across different security tools and platforms. Understanding CVEs is crucial for maintaining secure systems and responding quickly to emerging threats.
Read Post
uptime

Global Microsoft Outage and Preventing Future Vulnerabilities

Jul 19, 2024 By Mishal Alam In uptime
In a recent unexpected turn of events, a faulty component in the latest CrowdStrike Falcon update led to widespread outages, crashing Windows systems globally. The repercussions were felt across various sectors, including airports, TV stations, hospitals, and even emergency services in the U.S. and Canada. The glitch, affecting both Windows workstations and servers, resulted in massive outages, bringing entire companies to a standstill and crashing fleets of hundreds of thousands of computers.
Read Post
opsmatters

AppSec Decoded: How to Implement Security in DevOps

Jul 3, 2024 By OpsMatters In OpsMatters
In the realm of software development, the requirement for speedy delivery often conflicts with software security. The technology of DevSecOps bridges this gap by using security practices in DevOps techniques. With the majority of data being made and processed over the internet, it's important to safeguard your digital infrastructure from dangerous cyber attacks. For that, modern Application Security (AppSec) is used. In this guide, we will learn comprehensively about AppSec with DevOps and more.
Read Post
canonical

What you need to know about regreSSHion: an OpenSSH server remote code execution vulnerability (CVE-2024-6387)

Jul 3, 2024 By Luci Stanescu In Canonical
On 1 July 2024 we released a fix for the high-impact CVE-2024-6387 vulnerability, nicknamed regreSSHion, as part of the coordinated release date (CRD). Discovered and responsibly disclosed by Qualys, the unauthenticated, network-exploitable remote code execution flaw affects the OpenSSH server daemon (sshd) starting with version 8.5p1 and before 9.8p1.
Read Post
chaossearch

Improving Patch and Vulnerability Management with Proactive Security Analysis

Jul 1, 2024 By David Bunting In ChaosSearch
Vulnerability management is the continuous process of identifying and addressing vulnerabilities in an organization’s IT infrastructure, while patch management is the process of accessing, testing, and installing patches that fix bugs or address known security vulnerabilities in software applications. Vulnerability management and patch management are crucial SecOps processes that protect IT assets against cyber threats and prevent unauthorized access to secure systems.
Read Post
Sponsored Post
chaossearch

5 Security Logging and Monitoring Mistakes to Avoid

Jun 28, 2024 By David Bunting In ChaosSearch
As cybersecurity attack vectors evolve, security logging and monitoring are becoming even more important. Effective logging and monitoring enables organizations to detect and investigate security incidents quickly. Cloud-based attackers are getting more sophisticated, and often rely on stolen credentials to escalate privileges and move laterally within corporate IT networks. Many do so undetected, which is why modern IT systems require a watchful eye on log data to detect suspicious activity and inform incident response efforts.
Read Post
NinjaOne

What Is the National Vulnerability Database?

Jun 28, 2024 By Lauren Ballejos In NinjaOne
The National Vulnerability Database (NVD) is an information resource provided by the U.S. government that catalogs security vulnerabilities in a standardized, searchable format. It includes databases containing software and hardware products, their known security flaws (including misconfigurations), as well as their severity and impact. The NVD is an important resource for IT professionals to stay up-to-date with potential security concerns in their IT infrastructure.
Read Post
puppet

Stay Ahead of Known Vulnerabilities with Automated Patch Management

Jun 26, 2024 By Robin Tatam In Puppet
The consequences of not patching are everywhere: remember the Log4j vulnerability that grants hackers complete access to your devices? The best way to prevent this from happening is to use a patched version of Log4j — so why did this become a catastrophic and prolific security vulnerability event? A: Because people hate, forget, or simply dismiss patching as a labor-intensive part of managing their infrastructure.
Read Post

Introduction to RBVM: A Solution for Vulnerability Management at Ivanti #ivanti

Jun 13, 2024 By Ivanti In Ivanti
Derek Illum presents the RBVM solution for vulnerability management at Ivanti, detailing its functionality, benefits, and related statistics. The process involves data collection, automation, and integration with other tools. The tool, hosted in the AWS gov cloud, integrates with various systems, including Microsoft Defender for endpoint. Users can explore RBVM, focus on a risk-based approach, and utilize its dashboards and SLA management features.
View Video
Subscribe to Vulnerability

Copyright © 2024 OpsMatters™. All rights reserved.