November 6, 2022
You’re all secure and ready.
Then a new zero-day vulnerability is found in your IT infrastructure.
Most recently it was OpenSSL 3.0 (CVE-2022-3602 – Remote Code Execution and CVE-2022-3786 – Denial of Service).
It’s not the first time, nor will it be the last.
The good news is that there is a way to be better prepared.
Patch regularly and, most importantly, validate your security daily.
<Previous
CVSS – One Size Fits None
No one can deny that we are suffering from an overflow of vulnerabilities that is overwhelming and intensifying every year. The Common Vulnerability Scoring System (CVSS) was all we had to work with so far. This “one size fits all” severity ranking for vulnerabilities may help prioritize remediation action. However, without the context of the […]
Next>
Exposed
Fact: Today’s security defenses have so many moving parts and systems involved, making it nearly impossible to keep a mid to large enterprise configuration clean. Add to that the need for IT to foster business agility and IT security without slowing down processes and you come to the clear conclusion that security control validation, and […]