Security news that informs and inspires

Archive

9 results for tag Patching:

Patching All The Things May Not Be The Best Strategy

Armchair risk analysis frequently defaults to "patch all the things," but the data shows that trying to chase after every vulnerability isn't always the best strategy for a CISO. How should CISOs look at Kenna Security and Cyentia Institute's research on what kind of patching model works best?

CISO, Patching

History Suggests Attackers Will Hit Struts Flaw Quickly

The open source Struts web application framework has a target on its back. Attackers are likely developing exploits. Is it time to stop using Struts?

Vulnerability, Patching

What Defenders Need to Know About the Latest Struts Flaw

It hasn’t even been a year since the Equifax breach was made public, and Apache has fixed yet another another critical vulnerability in the Struts web application framework. Does your incident response plan include assessing the risk exposure and deploying defenses on top of patch management?

Patching, Vulnerability, Java, Incident Response

Opinion: 4 Reasons Why Organizations Can’t “Just Patch”

The WannaCry debacle and most recent MaybeNotPetya attack has revealed that there are countless unpatched systems - no big surprise. Here’s what’s keeping organizations vulnerable, and what we can do about it.

Ransomware, WannaCry, Petya, Patching