Whitepaper Library
 

security flaw

Results 1 - 11 of 11Sort Results By: Published Date | Title | Company Name
Published By: DigiCert     Published Date: Jun 19, 2018
The Internet of Things (IoT) has rapidly transformed the digital landscape and the world we live in. Intelligent devices and sensors connect smart cars, robotic manufacturing equipment, smart medical equipment, smart cities, industrial control systems, and much more in a way that improves lives and saves businesses billions of dollars. But along with its benefits, rapid IoT growth introduces a new dimension of security vulnerabilities that dramatically escalates the nature and seriousness of cybercrime risks. In addition to traditional confidentiality cyber risks, IoT threats include attacks that can: • Render smart appliances useless • Shut down city power grids • Threaten lives through hacked pacemakers and other medical devices. Such security flaws not only endanger lives, frustrate customers, and disrupt business operations, but they create significant cost and public relations damage for IoT developers and manufacturers.
Tags : 
    
DigiCert
Published By: Ounce Labs, an IBM Company     Published Date: Dec 29, 2009
Countless studies and analyst recommendations suggest the value of improving security during the software development life cycle rather than trying to address vulnerabilities in software discovered after widespread adoption and deployment. The justification is clear.For software vendors, costs are incurred both directly and indirectly from security flaws found in their products. Reassigning development resources to create and distribute patches can often cost software vendors millions of dollars, while successful exploits of a single vulnerability have in some cases caused billions of dollars in losses to businesses worldwide. Vendors blamed for vulnerabilities in their product's source code face losses in credibility, brand image, and competitive advantage.
Tags : 
source code vulnerability testing, independent model, centralized model, distributed model, software development life cycle, source code scanning, application security, source code security testing
    
Ounce Labs, an IBM Company
Published By: Cylance     Published Date: Jul 02, 2018
While advanced persistent threats and malware still plague some victims, it is ransomware that is still gaining real traction in today’s cybersecurity landscape. The EternalBlue flaw that took over the news in May 2017 rose to popularity as a result of its inclusion in the data leaked by The Shadow Brokers. Utilized in multiple attacks alongside the also-released DoublePulsar exploit, including the installation of cryptocurrency miner Adylkuzz, the exploits are just the tip of the cyberwarfare tools The Shadow Brokers are claiming to have in their arsenal. The latest EternalBlue and DoublePulsar based attacks, delivering the WannaCry Ransomware, have so far been hugely damaging to healthcare organizations while also impacting over 200,000 endpoints in 150 countries. WannaCry-WanaCryptor 2.0 was coupled with the EternalBlue exploit, allowing it to automatically propagate itself to vulnerable machines across the Internet. While not technically advanced, the use of EternalBlue and DoubleP
Tags : 
ransomware, threats, cyber, security, data
    
Cylance
Published By: SecureAuth     Published Date: Nov 13, 2017
A penetration test, or pen-test, is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities. These vulnerabilities may exist in operating systems, services and application flaws, improper configurations or risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as, end-user adherence to security policies. This eBook provides a simple guide to explain both penetration testing's purpose and a basic guide to getting you there. Download now and start testing your network today.
Tags : 
    
SecureAuth
Published By: Palo Alto Networks     Published Date: Sep 30, 2016
There are no flawless software systems or applications. When flaws result in security vulnerabilities, threat actors exploit them to compromise those systems and applications and, by extension, the endpoints on which they reside. Although software vendors issue vulnerability patches to remediate those flaws, many organizations do not apply all available patches to their production environments.
Tags : 
palo alto, systems, software, security
    
Palo Alto Networks
Published By: Tripwire     Published Date: Nov 07, 2012
Cloud computing, virtualization and social networking have several things in common - they create new threat vectors that can leave companies vulnerable to new types of attacks. Read on to learn how to prevent new attacks by getting back to basics.
Tags : 
security, configuration, basics, security flaw, it assets, it infrastructure, security infrastructure, tripwire, data center
    
Tripwire
Published By: Rapid7     Published Date: May 22, 2012
Rapid7's CSO and Chief Architect of Metasploit leads this webcast which covers the most critical java-based security flaws and demonstrates the use of Metasploit in exploiting them. The target list includes web browsers, mobile platforms, embedded devices, application servers, and RPC services.
Tags : 
java, network security, security breach, security flaws, network intrusion
    
Rapid7
Published By: Qualys     Published Date: Nov 05, 2013
Patching is a key strategy for managing vulnerabilities and ensuring enterprise-wide security. Unfortunately, there are often so many flaws in software that patching becomes an overwhelming process. This white paper describes an approach to patch management that allows you to prioritize vulnerabilities that pose the greatest risk and accelerate the speed at which patches are applied. Also inside, find ten steps to improve patching – read on to learn more.
Tags : 
qualys, qualysguard, security, patch acceleration, vulnerability, vulnerability management, robustness, patching system, patching vulnerabilities, remediation, cloud platform, patching, patch report, it infastructure, infrastructure, network security, cloud computing
    
Qualys
Published By: Black Duck Software     Published Date: May 18, 2016
Using open source code is not necessarily a problem, but not knowing what open source you’re using can be extremely dangerous, particularly when so much open source contains security flaws. In fact, the latest Future of Open Source Survey found that: - 55 percent of respondents had no formal policy or procedure for open source consumption - 98 percent were unaware of the open source code they were using "Application Security in 2016," a complimentary report from Black Duck Software, considers the key application security challenges your organization will face, with a special focus on staying both agile and secure with open source. Download the report today!
Tags : 
black duck, application security, security, open source, code
    
Black Duck Software
Published By: Qualys     Published Date: Nov 11, 2009
New network vulnerabilities appear constantly and the ability for IT security professionals to handle new flaws, fix misconfigurations and protect against threats requires constant attention. However, with shrinking budgets and growing responsibilities, time and resources are at constrained. Therefore, sifting through pages of raw vulnerability information yields few results and makes it impossible to accurately measure your security posture.
Tags : 
qualys, network secure, it security, vulnerability, it budget, risk management, vulnerability management, misconfigurations, guard
    
Qualys
Published By: Qualys     Published Date: Nov 11, 2009
New network vulnerabilities appear constantly and the ability for IT security professionals to handle new flaws, fix misconfigurations and protect against threats requires constant attention.
Tags : 
qualys, network secure, it security, vulnerability, it budget, risk management, vulnerabilities
    
Qualys
Search Whitepaper Library      

Add Whitepapers

Get your company's whitepapers in the hands of targeted business professionals.