Enterprise Security: Tools, Reviews, Tips and Tricks
In the past, corporations and large organizations were usually the targets of cyber attacks. Today, however, organizations of all sizes need to be mindful of cyber threats lurking in the wild, and need to work towards a goal of impenetrable security.
Along with our Tips category that shares resources for the more strategic side of cybersecurity, our “Enterprise Security” category tackles the risk of unauthorized access and the securing of all entry points.
Enterprise security covers all strategies, techniques and processes that secure digital assets and critical information against malicious attackers trying to gain unauthorized access to an organization's systems and networks. This area encompasses the “Technology, People and Processes” involved, with the goal of focusing on the strategic, legal and cultural requirements needed to protect an organization’s information.
In this category, you’ll find in-depth information about different aspects of enterprise security, including common security risks for organizations of all sizes, concepts such as Zero Trust, advanced persistent threats, ransomware attacks, and of course, a bit on the security teams responsible for creating and maintaining the cybersecurity posture of an organization — red teams, blue teams, purple teams, security operations centers, and more.

CVE-2022-42475: Fortinet Pre-authentication Code-execution Vulnerability
Fortinet continues to garner and release information to address a recently-discovered heap-based buffer overflow vulnerability impacting several versions of FortiOS (FOS), the operating system behind an entire series of FortiGate next-generation firewalls and security appliances.

High Severity OpenSSL 3.0.x Vulnerabilities Discovered (CVE-2022-3786 and CVE-2022-3602)
The OpenSSL project team has just announced a security fix targeting two distinct buffer overflow vulnerabilities (CVE-2022-3786 and CVE-2022-3602) impacting versions 3.0.0 to 3.0.6 of the popular open-source cryptographic platform.

Managing WordPress and WooCommerce Threats With Attack Surface Intelligence
With its theming ability, websites powered by WordPress can be made to look unique—and often can’t be identified as WordPress-powered at first glance. Combined with the ability to use various plugins to extend its usability, it’s become common for WordPress site owners to use it not only for blogging but for other use cases as well, such as eCommerce.

How Attack Surface Intelligence Drives Vulnerability Management
Today, organizations the world over are facing sophisticated threats and cyber attacks on their valuable digital assets as well as embedded, unknown vulnerabilities in their infrastructures. And digital transformation, along with the pandemic and the shift to the cloud, has only accelerated changes in the way organizations operate, mainly with hybrid and remote work.

The Current State of CI/CD Security, and How to Prevent Common Mistakes
An ever-growing need for faster and structured development has meant that CI/CD tools have become integrated into the core of an organization's development processes.

Atlassian Confluence on-premise vulnerability: Remote access with a hard-coded password
This vulnerability affects on-premise installations of Confluence, where the “Questions for Confluence” add-on is installed or has been installed at any point. Admins should update their instances immediately and ensure they have not been compromised.

Popular Misconfigurations that Make Containerized Apps Vulnerable to Attacks
With today’s staggering number of internet users, and the fact that web applications themselves are doing more than they ever have in the past, scaling, maintaining, and developing large web applications has become a significant challenge for DevOps teams.

Guide and Enrich Red Team Operations with Attack Surface Intelligence
One of the many cognitive spaces where cybersecurity practitioners often like to boast of ingenuity lies in the realm of adversarial emulation.

Journey to the Underbelly of the Beast: Out-of-Band Management Security and the Attack Surface
As of this writing, enterprise networks around the world are still known to be supporting some form of hardware-based remote access and control capability, collectively referred to as out-of-band management (OOBM), as a fallback mechanism to provide system administrators with an alternate data path to computing elements that may otherwise be unreachable through more traditional network media.

The CVE Approach: A Reductionist Way to Handle the Attack Surface
As recently as the 1990s, the information security industry lacked a fundamental mechanism to deal with the notion of sharing both hardware and software vulnerabilities using any sort of meaningful taxonomy.