Vulcan

Turn on the light and get fix done in 2021

Mon, 04 Jan 2021 08:00:37 GMT

“Happiness can be found, even in the darkest times, if one only remembers to turn on the light,” said Albus Dumbledore, Hogwarts headmaster. 2020 was a hell of a year, surely the craziest of my life and I would guess it was for many of you as well. It is easy to dwell on the…

How to fix the vulnerabilities targeted in the FireEye hack

Tue, 15 Dec 2020 20:48:33 GMT

Foreign hackers have been using multiple, layered software vulnerabilities to hack into “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East,” as described in this FireEye blog post. This Vulcan Cyber blog post explains how to fix the vulnerabilities targeted by the red team tools used in the…

The Remediation Easy Button with ServiceNow and Vulcan

Fri, 11 Dec 2020 07:04:05 GMT

It’s always a nice feeling to finish a project, resolve a service request, or remediate a vulnerability and then click the “Closed,” “Done,” or “Complete” button on the task. The satisfaction of being able to cross an item off the to-do list is undeniable, and this is especially true if you work in vulnerability management…

Vulcan release includes Remedy Cloud and remediation analytics

Tue, 10 Nov 2020 08:56:37 GMT

In addition to the launch of Vulcan Remedy Cloud and remediation analytics at The Remediation Summit, the Vulcan Cyber product and engineering teams have been very busy adding dozens of new features and integrations to the world’s most-powerful vulnerability remediation orchestration platform. Remedy Cloud If you missed the news, Remedy Cloud is the free, community…

What is the Google Chrome CVE-2020-15999 vulnerability?

Thu, 05 Nov 2020 20:51:11 GMT

As the vulnerability remediation experts we’ve made a practice of publishing remedies, fixes, and solutions for the more high-profile vulnerabilities we’ve come across over the years. This blog post will answer, “What is Google Chrome CVE-2020-15999?” but more importantly I’m excited to announce the availability of Vulcan Remedy Cloud as a free and curated database…

Vulcan Cyber Adds Remediation Analytics to Provide Full Visibility Into Remediation Efficacy

Wed, 04 Nov 2020 15:35:33 GMT

New Vulcan remediation analytics provides security and IT executives with unfettered visibility into the state of remediation campaigns Tel Aviv – November 4, 2020 – Vulcan Cyber®, developers of the industry’s only end-to-end vulnerability remediation orchestration platform, today announced the addition of powerful business intelligence capabilities for cyber risk management. New Vulcan remediation analytics dashboarding…

Vulcan Cyber Launches Remedy Cloud, Providing Free Access to Thousands of Vulnerability Fixes

Wed, 04 Nov 2020 15:24:47 GMT

Providing remediation solutions on demand, Vulcan Remedy Cloud helps security and IT teams collaboratively “get fix done” Tel Aviv – November 4, 2020 – Vulcan Cyber®, the vulnerability remediation orchestration company, today announced Vulcan Remedy Cloud, a free service built on the world’s largest database of curated remedies for thousands of security vulnerabilities. By sharing…

Vulcan Cyber Hosts “The Remediation Summit”

Sun, 25 Oct 2020 16:44:12 GMT

Security executives from Levi’s, HBO Max, Snowflake and Akamai keynote Vulcan Cyber inaugural vulnerability remediation summit Tel Aviv – October 13, 2020 – Vulcan Cyber®, the vulnerability remediation orchestration company, today announced The Remediation Summit to help organizations move from finding to fixing vulnerabilities at scale. The virtual event is free to attend and will…

Do I even need to fix BootHole, SIGRed or SMBleed?

Mon, 28 Sep 2020 17:28:01 GMT

Do you have a plan for BootHole or have you already fixed it? What about SIGRed or SMBleed? Are any of these high-profile vulnerabilities even relevant to the security of your digital infrastructure? Vulnerability prioritization is a critical element of any enterprise vulnerability management program. But too often prioritization is done wrong, making the effort…

The Remediation Summit is now open for registration

Mon, 28 Sep 2020 14:31:42 GMT

We are excited to announce the first-ever Vulcan Cyber user conference coming on October 29th. The Remediation Summit is free, virtual, and will be made available on demand to all registrants so you can consume the content at your own pace and on your own schedule. It is now open for registration. The Remediation Summit…

Creating a mature vulnerability management program to sell more jeans

Sat, 19 Sep 2020 22:09:17 GMT

Vulnerability management programs exist to drive desired business outcomes. Period. In the case of Levi Strauss & Co. the desired business outcome is to sell more of the world’s original jeans. Last week it was my privilege to host a webcast with Steve Zalewski, Levi Strauss & Co. deputy CISO, to discuss what keeps him…

Vulcan Study Reveals IT Leaders Overestimate Vulnerability Management Maturity

Wed, 02 Sep 2020 11:42:50 GMT

84% of security and IT leaders feel their programs are mature, but the data reveals otherwise Tel Aviv – Sept. 2, 2020 – Vulcan Cyber®, the vulnerability remediation company, today announced the results of a research project conducted to better gauge the maturity of enterprise vulnerability management programs. Vulcan Cyber surveyed more than 100 security…

Simply the best vulnerability remediation resources out there today

Tue, 04 Aug 2020 12:27:37 GMT

Did you know that Black Hat 2020 is happening this week? All things considered, it might have just gone under your radar. And with every event either being canceled altogether or making the necessary adjustments to go virtual, from your local meetups to the biggest conventions, managing to find truly valuable resources at this time…

What is the BootHole vulnerability (CVE-2020-10713) and how to fix it

Thu, 30 Jul 2020 12:27:42 GMT

TL;DR The BootHole vulnerability is not critical (yet), but it could potentially effect billions of devices worldwide. Exploiting it requires high privileges or physical access. Now while there are no full patches available at this time, we’ve written this blog, and published this episode of The Vulnerability Report, to help you detect vulnerable devices, mitigate the…

Vulcan Maturity Model Challenges Vulnerability Management to Evolve

Thu, 23 Jul 2020 10:32:52 GMT

Vulcan Cyber Maturity Model Challenges Vulnerability Management Programs to Evolve New Vulcan Cyber eBook provides a blueprint for achieving advanced levels of cyber hygiene by progressing from vulnerability management to vulnerability remediation Tel Aviv – July 23, 2020 — Vulcan Cyber, the vulnerability remediation company, today announced the release of a new eBook titled, “The…

What is the SIGRed Vulnerability (CVE-2020-1350) and How to Fix it

Wed, 15 Jul 2020 07:40:10 GMT

What is the SIGRed Vulnerability (CVE-2020-1350)? SIGRed (CVE-2020-1350) is a critical, wormable RCE (remote code execution) vulnerability in the Windows DNS Server, that can be triggered by an attacker with malicious DNS response. It received a CVSS base score of 10, and according to the Check Point researchers who found this 17-year-old flaw, the likelihood of exploitation is high. Microsoft have just released a patch for the SIGRed vulnerability (CVE-2020-1350) that…

Vulcan Cyber and Financial Services Compliance

Thu, 09 Jul 2020 12:15:34 GMT

All aspects of the financial services industry—from banking to securities, and from insurance to pensions—are highly regulated at multiple levels. These regulations have two primary objectives: to protect customers from fraudulent or negligent behavior, and to safeguard transactions and data. One regulation created specifically for the financial sector is the Dodd-Frank Wall Street Reform and…

Vulcan Cyber Adds Customizable Risk Modeling to its Vulnerability Remediation Platform

Wed, 01 Jul 2020 12:01:01 GMT

Vulcan Cyber Adds Customizable Risk Modeling to its Vulnerability Remediation Platform Vulcan Cyber now offers customizable vulnerability prioritization to help security and IT operations teams secure digital infrastructure through targeted remediation Tel Aviv – July 1, 2020 – Vulcan Cyber®, developers of the industry’s only end-to-end vulnerability remediation platform, today announced customers can now add…

Integrating MITRE ATT&CK with Vulnerability Management for Remediation

Thu, 18 Jun 2020 20:09:43 GMT

While vulnerability management isn’t natively mapped to the MITRE ATT&CK framework by default, using cyber knowledge, data science, machine learning and artificial intelligence, CVEs can be efficiently integrated with ATT&CK in a way that delivers distinct advantages to security and IT operations teams. This blog post provides an overview of MITRE ATT&CK and outlines benefits that can be gained by integrating MITRE ATT&CK with vulnerability management to deliver increased security hygiene, risk reduction, threat…

What is the SMBleed Vulnerability (CVE-2020-1206) and How to Fix it

Thu, 11 Jun 2020 04:29:08 GMT

SMBleed (CVE-2020-1206), its relation to SMBGhost and how to fix them The SMBleed vulnerability (CVE-2020-1206) allows an attacker to read uninitialized kernel memory. It happens in the same function as SMBGhost (CVE-2020-0796), a bug in the compression mechanism of SMBv3.1.1, as explained in a previous blog. So First – How Can You Fix It? There…

Lessons Learned: Vulnerability Management With a Remote Workforce

Wed, 27 May 2020 09:36:03 GMT

The COVID-19 pandemic has created a need for security teams to make sudden adjustments to many of their processes. This article focuses on vulnerability and patch management processes specifically, and discusses how companies can ensure that these programs keep their digital environments and assets secure while dealing with a larger than ever remote workforce. WFH…

Your Guide to Mastering Vulnerability Remediation

Wed, 06 May 2020 04:41:55 GMT

The first part of this blog post series, The Three Stages of Enterprise Vulnerability Remediation, described the most serious challenges facing effective vulnerability remediation—complex infrastructures, distributed applications, and fragmented stacks. In order to pre-empt threats or contain their blast radius, today’s enterprises must have policies, processes, and tools in place to: analyze and assess vulnerabilities,…

It’s Time to Automate More of Your Vulnerability Management Program

Wed, 06 May 2020 04:06:28 GMT

Managing your vulnerabilities – from identification and prioritization all the way through to remediation and resolution, is an extremely time-consuming task. This is why Vulnerability Managers need to find ways to take the most mundane, repetitive aspects of vulnerability management such as scanning and opening tickets and integrate them into an efficient process. In 2019,…

Vulnerability Management 2020: From Legacy to Modern Programs

Sun, 03 May 2020 08:43:36 GMT

Today’s IT environment is markedly different to that of the 90s. While changes to infrastructures and applications have helped us reach new highs, they’ve also brought along several challenges. Nowadays, self-contained siloed data centers and networks no longer the norm and long deployment cycles are a thing of the past. Companies are working with CI/CD practices…

The Vulcan Vulnerability Digest – Top Threats to Address – April 23

Thu, 23 Apr 2020 06:39:27 GMT

Over the past couple of weeks, we’ve seen some high profile security threats that require your immediate attention. In this digest we’ve rounded them all up. Now in order to help you address these threats, I’ve added actionable steps for you to follow in order to mitigate these risks. Table of Contents: SMB Ghost RCE…

Cut Costs With Automated Vulnerability Management

Mon, 13 Apr 2020 10:34:43 GMT

Now more than ever, budgetary decisions and allocations are critical. When it comes to IT, with each team, department, and business unit convinced that its requirements are paramount, budgetary decisions must be based on quantifying, comparing, and prioritizing the business value to the enterprise. Management must ask itself to what extent does any given budget…

The Vulcan Vulnerability Digest – Top Threats Roundup – April 9th

Thu, 09 Apr 2020 10:25:17 GMT

With all the buzz around the latest campaigns and exploits, it might seem hard to know what really demands your attention. That’s why we’ve decided to round up the top security threats from the past couple of weeks that really require your attention. Now in order to help you address these threats, I’ve added actionable…

How to Improve Your Enterprise VPN Security

Wed, 08 Apr 2020 04:55:23 GMT

The Coronavirus pandemic has drastically changed our reality in a blink of an eye. With WFH and social distancing becoming the new norm. While these measures are key to reducing the risk of contracting COVID-19, from a security standpoint working from home introduces other risks. In order for teams to continue working and remain connected from home while staying protected…

All Good Remediation Strategies Begin with Collaboration

Mon, 06 Apr 2020 09:43:03 GMT

A key component of any successful vulnerability remediation strategy, now maybe more than ever, is collaboration. Yet, it often seems to be overlooked. In order to accurately identify and mitigate threats, companies must adopt a holistic approach that encompasses every aspect of security, development, and operations. As we will see, remediating vulnerabilities quickly and efficiently requires input…

Easing Up Patching Using Containers and Kubernetes

Thu, 02 Apr 2020 10:08:37 GMT

Only unused applications don’t receive updates. Otherwise, there are always more bugs to resolve, new requirements to address, and the latest software to integrate. Patching is the name that’s been given to the act of improving software. For example, if a bugfix is developed, a new patch on the given application is applied; if a…

The Vulcan Vulnerability Digest – Top Threats to Address – March

Thu, 26 Mar 2020 15:38:10 GMT

The past couple of weeks have presented many challenges from a security standpoint. There’s a lot of noise around threat actors, phishing campaigns etc., and it might seem hard to differentiate between what’s actually requires attention and what doesn’t. In order to do just that, I’ve compiled a list of these top threats that you should pay attention to. At…

COVID-19: Keeping Your Vulnerability Management Program on Track

Thu, 26 Mar 2020 10:59:06 GMT

Seemingly overnight, the Coronavirus pandemic has made quarantines, travel bans and social distancing the new norm. As companies shift to a remote working model to contain the spread of the virus, vulnerability management programs, like so many other operational processes, may be experiencing disruption. While some parts of your program are sure to take a…

What is the SMBGhost Vulnerability (CVE-2020-0796) and How to Fix it

Thu, 12 Mar 2020 09:50:54 GMT

Microsoft have accidentally revealed information regarding a security update for a wormable vulnerability SMBGhost (CVE-2020-0796) in the Microsoft Server Message Block protocol. So First – How Can You Fix SMBGhost? While there isn’t a practical patch out there for the SMBGhost vulnerability just yet, consider implementing the following workarounds to mitigate the risk immediately: Disable SMBv3 compression You can disable compression to block unauthenticated attackers from exploiting the vulnerability against an…

Your Guide to Patching Immutable Infrastructure

Wed, 11 Mar 2020 08:42:30 GMT

With the ephemeral nature of containers, you might think that patching is far less critical than it really is. But in fact, as with more traditional systems, patching both the containers and the underlying management systems is just as critical as tending to any other system. In this article, we will talk about the three…

What is the Ghostcat Vulnerability (CVE-2020-1938) and How to Fix it

Tue, 03 Mar 2020 10:37:23 GMT

The Apache Tomcat servers that have been released over the last thirteen years are vulnerable to a bug known as “Ghostcat” (CVE-2020-1938) that allows hackers to take over unpatched systems. Discovered by Chinese cybersecurity firm Chaitin Tech, Ghostcat is a flaw in the Tomcat AJP protocol. So first – how can I fix the Ghostcat Vulnerability? Apache Tomcat has officially released versions 9.0.31, 8.5.51, and 7.0.100 to fix this vulnerability. To do this…

Ensuring Regulatory Compliance Through Vulnerability Management Programs

Thu, 27 Feb 2020 06:47:12 GMT

The rapid increase in fraud and business interruption caused by cyber attacks is behind the growing focus on security—particularly personal data protection—by regulators. The introduction of the GDPR in Europe in 2018, and local and national developments in the United States, have been an eye-opener for organizations that previously considered data protection important but a…

Handling Vulnerability Remediation Pushbacks

Tue, 04 Feb 2020 09:40:31 GMT

Every security manager knows that no matter how comprehensive your vulnerability management processes are, your network’s security depends on cooperation between all stakeholders involved in the processes. All too often, IT teams push back against security requests, especially if they feel they are excessive or exaggerated. As a security manager, how do you handle this…

Vulcan Cyber Selected as Finalist for RSAC 2020 Innovation Sandbox Contest

Thu, 30 Jan 2020 06:38:14 GMT

Continuing to rack up accolades for automating the remediation process of vulnerabilities at speed and scale, Vulcan Cyber is named one of the 10 most innovative companies at RSA Conference 2020 Tel Aviv – January 28, 2020 – Vulcan Cyber, the industry’s first Automated Vulnerability Remediation (AVR) company, has been named one of 10 finalists…

Automating Response for New Zero-Day RCE on Windows IE CVE-2020-0674

Mon, 20 Jan 2020 10:23:57 GMT

Alert: There’s a new zero-day RCE on Windows Internet Explorer, CVE-2020-0674, with no available patches out there yet. Not only that, as of now (1/20/20) this vulnerability cannot be scanned by VA tools. This vulnerability is highly dangerous and is reported to have been exploited in the wild. Therefore, security teams must act fast. As…

How to Remediate the New Critical RCE Vulnerabilities In Enterprise VPNs

Thu, 16 Jan 2020 12:54:48 GMT

The US Cybersecurity and Infrastructure Security Agency (CISA) had alerted organizations to patch their Pulse Secure VPN servers as a defense against ongoing attacks trying to exploit a known remote code execution (RCE) vulnerability. This warning follows another alert issued by CISA in October 2019, and others coming from the National Security Agency (NSA), the Canadian Centre for Cyber Security,…

Top Cybersecurity Events For CISOs and Vulnerability Management Professionals

Wed, 08 Jan 2020 09:05:27 GMT

Improving vulnerability management and remediation processes is a task that requires cybersecurity pros to actively keep up with the latest developments in the threat landscape, business environment, and tech solutions. Due to the sheer volume of the task, staying current on all those issues is nearly impossible to do alone. That is why attending carefully…

Vulcan 2019 – A Year In Review

Tue, 31 Dec 2019 11:07:32 GMT

With 2019 coming to a close, it’s a great opportunity for reflection. Looking back – what a year this has been! So many milestones and achievements to be proud of! So, just before the ball drops and we start celebrating the year 2020, we’d like to take a moment to thank our users, customers, partners,…

CI/CD: Streamlining Vulnerability Remediation

Wed, 25 Dec 2019 11:08:48 GMT

Continuous integration and continuous delivery and/or deployment (CI/CD) has become a staple within the modern software development landscape, and it is now extending into patch management. The importance of your environment’s security cannot be overstated, nor can the difficulty of maintaining that security. The question then becomes: What exactly is CI/CD and how can you…

Looking Back at 2019’s Nastiest Vulnerabilities

Wed, 18 Dec 2019 10:32:20 GMT

As 2019 draws to a close, we want to look back at the year’s biggest security breaches. Some we chose because of the damage they caused, others because of how easily they could have been avoided, just by using stronger passwords or paying attention to warnings. Even the more complex ones could have been prevented…

The Guide to Windows Patching

Wed, 11 Dec 2019 11:16:18 GMT

With new vulnerabilities and threats constantly making headlines, frequent patch releases is a must for operating systems. Keeping software and operating systems up to date is critical for ensuring system security. Microsoft’s mantra is to be diligent in patching. But introducing changes into a system, as in patching, does not come without risks, and problems…

CISA’s New Guidelines: Has The Eagle Truly Landed?

Wed, 04 Dec 2019 09:29:05 GMT

The Cybersecurity and Infrastructure Security Agency (CISA) is responsible for building America’s “national capacity to defend against cyber-attacks and … to safeguard the ‘.gov’ networks.” Its mandate includes securing all publicly accessible Federal websites by scanning them for vulnerabilities that need to be remediated. On April 29, 2019, CISA issued Binding Operational Directive (BOD) 19-02,…

Vulnerability Remediation In Three Steps

Thu, 28 Nov 2019 08:34:49 GMT

The primary objective of vulnerability remediation is to pre-empt breaches before the vulnerabilities in data, applications, networks, or endpoints are exploited. Should a breach occur, however, then the objective of vulnerability remediation is to contain it as quickly as possible and thus minimize the damage. As shown in the chart in Figure 1, the number…

Top Skills Every Security Professional Needs

Thu, 21 Nov 2019 12:17:05 GMT

In a previous blog on challenges in today’s security environment, we discussed the shortage of cybersecurity personnel – in the US alone, 3.5 million positions are expected to be unfilled by 2021. According to the Global Information Security Workforce, the main reason for this gap is not a lack of candidates per se; it’s a…

Cloud vs. On-Premise Patching: What’s the Difference?

Tue, 12 Nov 2019 09:39:57 GMT

Patching has become particularly challenging in the new cloud and hybrid-cloud environments— especially across Windows and Linux—despite the many methods and technologies for this. What are the differences between patching in Windows and Linux, and how does this all fit into the modern cloud infrastructure? Do these new environment paradigms facilitate or complicate patch management?…

Enterprise Security: Deja Vu All Over Again?

Tue, 05 Nov 2019 06:44:05 GMT

The 1990s: When Remediation was Simple Back in the 1990s, every company’s network was fairly self-contained, using relatively few third-party programs with little direct contact with the developing internet, especially during work hours. Corporate email domains were completely separate from personal ones, such as AOL, Yahoo! mail or invitation-only Gmail. Remediation basically meant fixing your…

Widespread CVE-2019-14287 is Out, But a Workaround’s Available

Sun, 03 Nov 2019 03:55:39 GMT

The team responsible for sudo, a popular Linux command-line tool, published a new security alert under CVE-2019-14287. It has a high CVSS score of 8.8, and Vulcan Cyber’s threat intel has found it to be exploitable. This would result in it posing a high-to-critical risk in most environments. Suggested remediation measures In order to remediate…

New Exploit for Four Year Old Vulnerability MS15-014 Poses an Imminent Threat

Thu, 31 Oct 2019 10:13:56 GMT

New exploit published for a Group Policy vulnerability disclosed back in 2015, allows remote code execution on vulnerable version of Windows. While the original CVSS score for the vulnerability was just 3.3, the new exploit may in fact require immediate attention. A new exploit for MS15-014 has been disclosed. It can now be executed through a simple, easy-to-use python…

Bringing a DevOps Mindset to Vulnerability Management

Wed, 30 Oct 2019 13:01:18 GMT

With the advent of the cloud computing movement, organizations have been shifting to managed infrastructures to offset IT costs. Yet in a complex and ever changing multi-OS environment, patching is not always so easy. Different operating systems and cloud environments as well as the potential of spanned on-premise and cloud environments further complicate the patching…

Vulcan Cyber Named a Gartner 2019 Cool Vendor in Security and Risk Management

Thu, 24 Oct 2019 04:55:25 GMT

TEL AVIV, Oct. 24, 2019 — Israeli startup Vulcan Cyber, helping enterprises close the cybersecurity vulnerability remediation gap, has been named a Cool Vendor in the latest Gartner, Inc. Cool Vendors in Security and Risk Management, 2H19* report (Gartner subscription required). Gartner’s report recognizes interesting, new and innovative Security and Risk Management vendors. According to the report, “Security…

Why You Shouldn’t React to the Latest Headlines

Thu, 10 Oct 2019 04:27:19 GMT

Malicious breaches are on the rise and they’re getting more expensive, according to a July 2019 IBM report. An average breach now costs $3.92 million, with larger breaches costing over $100 million before penalties. Vulnerabilities are increasing with roughly 1,000 new ones reported per month. Meanwhile, there’s a shortage of cybersecurity workers; in the US…

The Eight Vulnerability Management Components You Need Today

Thu, 25 Jul 2019 07:05:46 GMT

With all the vulnerability remediation suites and individual tools on the market, it can be hard to determine which features and components are essential, which features are merely “nice to have”, and which are a waste of resources. We’ve sorted through the myriad of products and came up with the following list of eight components…

How CEOs Should Respond to Data Breaches

Tue, 09 Jul 2019 07:59:14 GMT

The massive “Collection #1” breach of 2019 exposed 772,904,991 unique emails and 21,222,975 unique passwords. The data appears to have been taken from a number of sources, meaning a number of CEOs faced the same question that Mark Zuckerburg, John Legere (Tmobile), Paul Black (Allscripts), Steve Long (Hancock Health), Matt Raoul (Timehop) and others have…

Vulcan Cyber Raises Additional $10M to Combat Breaches from Known and Emerging Vulnerabilities by Automating and Streamlining Remediation Process

Wed, 26 Jun 2019 10:50:47 GMT

Highlights: Brings total raised in one year to $14 million for expansion of North American operations and R&D Mark Hatfield, general partner at Ten Eleven Ventures joins Vulcan board Glenn Chisholm, former CTO of Cylance joins as investor Vulcan Cyber today announced raising $10 million in Series A funding, enabling the company to continue its…

It’s Not Superstar Hackers You Should be Worried About

Thu, 13 Jun 2019 07:30:25 GMT

You might think that the hackers bringing down organizations and infrastructures are government trained, highly advanced coders. The truth is far less dramatic- but of far greater concern to security professionals. Many powerful exploits have found their way into the hands of amateurs, who would never have been able to create them themselves. It’s the…

Prioritizing Vulnerabilities with Vulcan Cyber

Wed, 05 Jun 2019 08:38:30 GMT

By this point, we’re all well aware of the torrents of vulnerabilities out there and the pressure that they impose on CISOs and security teams. That’s why incorporating automation methodologies into the vulnerability remediation processes has become key to handling the current threat landscape safely and consistently. And not just for efficiency’s sake. As Larry…

Analyzing Amazon’s New Patch Automation Service

Wed, 29 May 2019 08:48:28 GMT

Amazon released the EC2 Run Command in 2015 as the first step to extend a bridge back to datacenter, enterprise, and traditional operations environments. Then in 2016, AWS released its patch management solution under the EC2 Systems Manager. Now, all datacenter-style management tools fall under the AWS Systems Manager. In AWS’ effort to create a…

How to Combine Vulnerability Management with Pen Testing

Thu, 23 May 2019 07:02:06 GMT

For an organization to be confident it must have a solid security posture, and for this, regular testing is key. Two types of testing are critical to assessing security posture – penetration testing and vulnerability scans. In order to meet certain standards, such as PCI and HIPAA, both pen testing and vulnerability management are required…

Why Vulnerability Management Starts with Knowing Your Assets

Tue, 14 May 2019 13:35:01 GMT

In the broadest sense, “Asset Management” means managing the complete life-cycle of every corporate asset, from procurement to safe disposal. Effective Asset Management ensures that every expense fits both corporate goals and security standards, including guidelines and policies related to Vulnerability Management, such as how vulnerabilities are prioritized and resolved. Both theory and practice show…

How Dangerous are Zero-Day Vulnerabilities?

Tue, 07 May 2019 12:16:08 GMT

There’s a buzz in the vulnerability management market surrounding solutions to protect against Zero Day vulnerabilities – vulnerabilities that were previously unknown with no vendor patch available. While some may paint a picture of hoards of hackers looking to exploit undiscovered flaws, security teams must ask themselves: is focusing on Zero Day attacks really the…

The Problem with CVSS Scores and What It Means for Vulnerability Management Programs

Thu, 02 May 2019 08:38:33 GMT

The number of vulnerabilities uncovered daily has long exceeded what security teams can possibly address. The key to success in vulnerability management no longer lies in patching everything, but rather in making judgment calls and deciding which vulnerabilities to address and which to ignore. Faced with this onslaught, CISOs and Vulnerability Managers need to pick…

How Vulnerability Remediation Intelligence Databases Empower Vulnerability Teams

Tue, 23 Apr 2019 10:26:12 GMT

With over 1,600 new vulnerabilities reported in the first 100 days of 2019, in addition to the 17,308 reported in 2018, it’s clear that vulnerability remediation is an ongoing necessity. Given the large number of vulnerabilities that are being added to the pool every day, having a strategy to decide which vulnerabilities to patch first…

Top Five Open Source Vulnerability Remediation Tools

Thu, 04 Apr 2019 07:27:24 GMT

Vulnerability remediation was once considered a straightforward process. Scanning software identified potential vulnerabilities and notified the system administrator, who took over from there. “Vulnerability” was seen as a coding issue, so manually checking and patching code became the standard method of remediation despite being slow and not always effective. Today, new technologies bring new vulnerabilities,…

3 Ways Vulnerability Remediation Intelligence Increases Security and Efficiency

Thu, 28 Mar 2019 10:14:09 GMT

Enterprises face new security threats daily. In 2017-18 alone, over 30,000 new vulnerabilities were reported. Trying to adapt to this new reality has become a tremendous challenge for security teams everywhere. Handling the influx of these new security threats has become an endless task, requiring manual, time-consuming work. While patching may be the first solution…

Your Vulnerability Management Process Isn’t Working

Thu, 21 Mar 2019 07:49:31 GMT

It’s the question that plagues every CISO: “Have I done enough?” First, you’ve convinced your partners in the boardroom that vulnerabilities are a serious matter and increased your security budget. Then, you’ve managed to create a collaborative relationship between IT and security teams, coordinating code scans and implementing patches. But every now and then it’s…

A History of Vulnerability Management

Thu, 14 Mar 2019 09:02:15 GMT

The number of known vulnerabilities has exploded in recent years. With enterprises using more software solutions, open-source, cloud, Internet of Things, and more, it’s no wonder the increase in security flaws has skyrocketed. For vulnerability managers, this can feel like a never-ending chase. So we may ask ourselves, “what’s this story’s origin, and what does…

How can Enterprises Stop Failing their Vulnerability Management Teams?

Thu, 07 Mar 2019 08:33:55 GMT

Everyone knows that CISOs are losing sleep over the dangers that vulnerabilities could potentially cause their businesses, and with good reason. But the problem goes beyond the continuous growth in vulnerabilities. All too often, enterprise security efforts suffer from at least one of the following problems: Difficulties in getting company-wide “buy in” for needed measures …

Linux Patching – Haven’t We Suffered Enough?

Wed, 27 Feb 2019 07:48:30 GMT

So, it’s time to patch again. Kind of like getting your flu shots – you know it’s good for you, but nobody likes doing it. Let’s do a quick analysis of the challenges that patching poses to your environment, and some of our recommended coping mechanisms Downtime The most frequent complaint we hear about patching…

Why Response is the Most Difficult Part of Vulnerability Management

Thu, 21 Feb 2019 10:15:00 GMT

“If it were easy, everyone would do it.”With the never-ending headlines of major breaches caused by vulnerabilities, it’s clear that vulnerability management isn’t easy. According to the Ponemon Institute, the average total cost of a breach in 2018 ranged from between 2-7 million dollars, depending on the number of compromised records. With those kinds of…

Vulcan Cyber’s Must Attend Events for CISOs in 2019

Tue, 12 Feb 2019 10:00:00 GMT

No matter what IT field you work in, staying on top of the latest technologies and trends is a must, especially in cybersecurity. Just as a good security plan requires continuous monitoring, a good CISO needs continuous learning. A top-notch security conference can be the most efficient and effective way for CISOs to stay current…

Saving Time and Money with Vulnerability Remediation at Scale

Thu, 07 Feb 2019 07:21:06 GMT

Security and IT teams are currently fighting a flood of software vulnerabilities. In 2018 alone, a record 16,555 were reported. Of these, thousands affected every cloud-native SaaS or enterprise company. Some of these vulnerabilities were only potentially dangerous, but others affected tens of thousands of customers. In one serious incident, data related to 380,000 British…

What Really Caused the Equifax Breach?

Thu, 31 Jan 2019 09:09:09 GMT

It’s been over a year since the Equifax breach made headline news. But I have the feeling that organizations haven’t looked at the Equifax breach as a lesson in what is currently wrong with the cybersecurity industry. The Equifax breach could have happened to any enterprise. If you don’t agree, you may as well…

Patch Management Best Practices for Production Environments

Wed, 23 Jan 2019 06:49:55 GMT

On the surface, patch management sounds like a straightforward task. But patching in a production environment means making a change to potentially every device in the enterprise. Let’s take a look at some of the complex challenges of patching production environments and some ways to improve the process. Why Patching in Production is Challenging…

Secure your Whales

Wed, 09 Jan 2019 11:03:33 GMT

For our day to day product deployment, we use docker containers. Whenever a new piece of code is being shipped to production, our CI/CD process creates several docker images and pushes them to our private registry – standard deployment process. In the spirit of “shifting left”, we wanted to scan our Docker images and the…

Vulnerability Management Worst Practices

Thu, 03 Jan 2019 07:09:18 GMT

Knowing what NOT to do can sometimes be just as helpful as knowing the right thing to do. Oftentimes, CISOs and Vulnerability Managers have plans and practices in place that can actually be making matters worse by focusing on the wrong things. Let’s review some of these mistakes so you can avoid them in your…

Security and DevOps: Getting them to Work Together

Thu, 27 Dec 2018 09:39:40 GMT

DevOps has revolutionized the pace at which new iterations of applications are released to meet the needs of customers. By nature, security teams are focused on securing company assets and data, which others may see as a roadblock to productivity. The tension between these two groups can sometimes be palpable. Both teams play important roles,…

Vulnerability Trends to Watch Out for in 2019

Thu, 20 Dec 2018 07:51:53 GMT

Trends in vulnerabilities and threats evolve as the technology landscape changes. The vulnerability landscape has changed tremendously over the last couple of years which has prompted many organizations to question whether their current methodologies for vulnerability management are sustainable moving forward. With 2019 just around the corner, vulnerability remediation is going to be more important…

Vulnerability Remediation: Don’t Let the Cure be Worse than the Disease

Thu, 13 Dec 2018 09:45:06 GMT

By now, everybody knows that vulnerabilities that aren’t remediated properly could pose a serious threat to the enterprises environment. The data breach experienced by Equifax last year exemplifies the impacts that can occur to a business that fails to remediate. However, we cannot ignore the other side of the coin – when remediation steps ARE…

The Staggering Growth in Vulnerability Disclosures, 2010 – 2018

Wed, 05 Dec 2018 10:11:58 GMT

With the end of the year, it’s prime time to reflect on vulnerability trends since the start of the decade. According to CVE Details at the time of writing this post, at least 15,534 vulnerabilities have been reported so far this year, which is more than double for all of 2016 (6447 vulnerabilities) and surpasses…

Looking Back – Top Vulnerabilities of 2018

Thu, 15 Nov 2018 09:47:44 GMT

However you flip the number of recorded vulnerabilities in a given year, the number is at once humbling and noteworthy. We know that both actions – remediating all vulnerabilities and prioritizing a high-severity security flaw in a little-used, low-value system over a medium-severity security hole in a mission-critical system – leave your company’s most important…

Vulnerability Metrics – Which Matter and Which Don’t

Thu, 01 Nov 2018 13:39:51 GMT

The best way to share information about the risks associated with vulnerabilities is via quantifying these risks – i.e. metrics. The question is, which metrics? In order to communicate a cohesive vulnerability narrative, in this post we’ve grouped some of the more common metrics – with the aim of helping you leverage the most useful…

Vulnerability Intelligence – What, Where and How?

Thu, 25 Oct 2018 07:36:30 GMT

A key part of any risk assessment framework, vulnerability intelligence enables organizations to consider the broader picture when assessing a given vulnerability or set of vulnerabilities. Vulnerability intelligence providers consolidate data from multiple sources – both external and internal – and then offer a contextualized assessment of organizational risk. This can drastically tip the scales…

A Closer Look at Vulnerability Disclosure Policies

Wed, 17 Oct 2018 04:48:34 GMT

While technology companies aim to ensure that their products are watertight, the fact of the matter is that security vulnerabilities are discovered. But how they deal with these discoveries varies considerably. The question is: should technology vendors keep vulnerabilities quiet or make them known? Delaying publicizing the security flaw gives them time to develop…

Taking a Risk Based Approach to Vulnerability Management

Thu, 11 Oct 2018 07:02:54 GMT

The question of remediating every single vulnerability is moot. Given the massive amounts of vulnerabilities being disclosed every month, it’s logistically and organizationally unfeasible. At the enterprise level, even the largest IT team simply can’t handle all the vulnerabilities out there – nor, in truth do they need to. The truth is that one of…

Vulnerability Assessment, Management, and Remediation: Understanding the Differences

Thu, 04 Oct 2018 09:36:38 GMT

As a CISO or Security Manager, you understand your organization’s need to remain one step ahead of cybercriminals searching for gaps in your security posture. The market is flooded with solutions for dealing with vulnerabilities and the challenge continues to be understanding the ways to best prioritize and manage the vulnerabilities. But first, to…

Three Best Practices for Patch Tuesday

Wed, 26 Sep 2018 09:20:58 GMT

The 15th anniversary of Patch Tuesday is coming up, and now is a good time to rethink how we approach patching as a whole, and how we prepare for Patch Tuesday specifically. What is Patch Tuesday? It’s the industry-applied name for Microsoft’s monthly scheduled release of security fixes for Windows and related software. Each…

Five Steps to Lower Cyber Risk with Better Vulnerability Management

Thu, 13 Sep 2018 09:54:51 GMT

In its 2018 “Global Risks Report,” the World Economic Forum – a prominent international policy think-tank – ranked cyber threats just below extreme weather events and natural disasters. Cyber risks “…are so structural and interconnected that they threaten the very system on which societies, economies and international relations are based,” noted Alison Martin, Group…

How Three Large Enterprises Made the Move to DevSecOps

Wed, 05 Sep 2018 09:50:00 GMT

The demanding speed of today’s development cycles and flexibility of IT infrastructure provides a huge opportunity to move faster not only for the development teams, but for the security team as well. DevSecOps, specifically – the early integration of security into the development and deployment processes – allows even large organizations with large infrastructures…

Top 10 Cyber Risk Experts to Follow

Tue, 28 Aug 2018 09:08:38 GMT

Figuring out the best way to leverage the cyber risk landscape with growing numbers of vulnerabilities every day is a daunting task, to say the least. Last year, CVE Details, a free database of software vulnerabilities, found a total of 14,712 known vulnerabilities. Indeed, threat analysis and vulnerability remediation can cost organizations up to…

DevSecOps: It’s Time to Make the Move

Tue, 21 Aug 2018 05:27:25 GMT

DevOps took the software scene by storm in 2008, with the promise to reduce the time between changing a software system and that change being rolled out in a production environment – without compromising on quality. Basically, it was supposed to “turn the IT business model on its head with shorter cycle times, automation,…

Putting Meltdown and Spectre in Perspective, Six Months Later

Tue, 14 Aug 2018 09:19:49 GMT

For several months in early 2018, you could not open a browser without seeing news about Spectre and Meltdown – the variants of a vulnerability built in to just about every computer chip on the planet. Discovered in late 2017 by researcher Michael Schwarz at Graz University of Technology in Austria, Spectre and Meltdown…

Always Brush Your Digital Teeth: Why You Should Maintain Good Cyber Hygiene

Wed, 01 Aug 2018 08:00:30 GMT

With proper cyber hygiene, you can control IT processes – rather than being controlled by endless (and unhygienic) vulnerabilities. What is Cyber Hygiene? As kids, we’re taught the basics of personal hygiene. The tripartite principles of using the right hygienic products (think toothpaste), in the right way (brushing up and down), and with the…

How to Start the Transition from Risk Management to Vulnerability Remediation

Tue, 24 Jul 2018 06:37:36 GMT

Just five years ago, the vulnerability landscape looked markedly different. There were fewer vulnerabilities to patch and risk was far lower – since most systems were still on-premise and the overall cyber-threat climate was calmer. John Breeden II of CSO Magazine summarized this old-world vulnerability attitude nicely, “Think of vulnerabilities like holes in a suit…

Cyber Risk Management is not the Goal

Thu, 19 Jul 2018 08:26:50 GMT

As we discussed in a previous post, a tsunami of known vulnerabilities is flooding businesses worldwide. In fact, the number of vulnerabilities reported to date in 2018 (8138 as of this writing) far outstrips the total number of vulnerabilities reported in all of 2016 (6447). We’re only halfway through the year, so it’s fair…

The Top 7 Vulnerabilities of the Decade

Wed, 11 Jul 2018 07:14:47 GMT

With nearly 15,000 new vulnerabilities discovered in 2017, and even more expected this year – the competition for ‘worst vulnerability’ is a tough one to judge. The discovery of serious, severe or even critical vulnerabilities is a daily occurrence – and thus ranking them by level of infamy is an elusive challenge. By way…

Your Vulnerability Management Processes are Broken

Thu, 28 Jun 2018 07:38:40 GMT

There’s no other way to state it: Existing vulnerability management processes are broken. Current vulnerability management paradigms are not keeping up with threats. Attacks similar to WannaCry and Petya, which exploited the Eternal Blue vulnerability, could happen again at any time. You don’t have to look very far back for an example. On April…

The Origins of the Vulnerability Flood

Mon, 25 Jun 2018 09:40:00 GMT

According to CVE Details, the number of vulnerabilities reported to date in 2018 (6559) already tops the total number of vulnerabilities reported in all of 2016 (6447). If nothing dramatic changes, the list seems on track to at least match last year’s record of over 14,600 reported vulnerabilities, if not to top it. In…

Fixing Drupalgeddon 2 in a Production Environment

Thu, 21 Jun 2018 05:22:28 GMT

On March 27th 2018, the Drupal CMS team announced a massive vulnerability dubbed ‘Drupalgeddon 2’. Accordingly, they recommended that “Drupal site owners should immediately —and we mean right now— update their sites to Drupal 7.58 or Drupal 8.5.1, depending on the version they’re running.” The security flaw is one of the most severe vulnerabilities…

Launching Vulcan Cyber

Thu, 21 Jun 2018 05:16:17 GMT

“Don’t wake a sleeping lion.” This was the reaction my two co-founders Tal Morgenstern, Roy Horev, and I had gotten over and over again when sharing with our colleagues our intention to establish Vulcan Cyber. “There are so many other problems, why this one?” Well, for me the answer was clear. I knew that solving…