#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

Threat Assessment | Breaking Cybersecurity News | The Hacker News

Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning

Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning

Jun 16, 2022
For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in value, each bringing its own strengths to bear. However, with remote working now the norm in most if not all workplaces, it feels a lot more like agent-based scanning is a must, while network-based scanning is an optional extra. This article will go in-depth on the strengths and weaknesses of each approach, but let's wind it back a second for those who aren't sure why they should even do internal scanning in the first place. Why should you perform internal vulnerability scanning? While  external vulnerability scanning  can give a great overview of what you look like to a hacker, the information that can be gleaned without access to your systems can be limited. Some serious vulnerabilities can be discovered at this stage, so it's a must for many organizations, but that's not where hackers stop.  Techniques like phishing, targeted malware,
Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations

Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations

Feb 18, 2020
Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering ( click here to learn more ) based on more than 72 hours of data collection, enabling organizations to benchmark their security posture against their vertical industry peers and take actions accordingly. Cynet Free Threat Assessment (available for organizations with 250 endpoints and above, from North America and Europe) spotlights critical, exposed attack surfaces and provides actionable knowledge of attacks that are currently alive and active in the environment. 1.) Indication of live attacks — active malware, connection to C&C, data exfiltration, access to phishing links, user credential theft attempts, and others: 2.) Host and app attack surfaces — unpatched vulnera
Broadening the Scope: A Comprehensive View of Pen Testing

Broadening the Scope: A Comprehensive View of Pen Testing

Jan 16, 2020
Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used as a keystone in cybersecurity policies. The same can be said about broader penetration testing practices. Organizations gain real value from learning about others' penetration testing experiences, trends, and the role they play in today's threat landscape. The world of pen testing can be an interesting balance of open collaboration and closely guarded privacy. While pen testers may engage in teaming exercises, or happily talk technique when they attend Black Hat, most organizations are extremely reluctant when it comes to discussing their pen testing practices and results. Of course, confidentia
The Ultimate 2019 Security Team Assessment Template

The Ultimate 2019 Security Team Assessment Template

Nov 20, 2019
Assessing the performance of your security team is critical to both knowing your current posture, as well as planning ahead. ' The Ultimate 2019 Security Team Assessment Template ' is the first attempt to capture all the main KPIs of the security team main pillars, saving CIOs and CISOs the time and effort of creating such an assessment from scratch and providing them with a simple and easy-to-use tool to measure how their teams are operated in 2019, while setting up performance targets for 2020. Building such a template is challenging because security teams vary greatly in size and internal responsibility distribution. Additionally, there is little consistency in the terms used to designate the various positions across the industry – security analyst, for example, could have one meaning in a certain company and different one in another. The same goes for architects, managers, and directors. The Security Team Assessment Template ( download here ) addresses this chall
Cynet Offers Free Threat Assessment for Mid-Sized and Large Organizations

Cynet Offers Free Threat Assessment for Mid-Sized and Large Organizations

Apr 03, 2019
Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering based on more than 72 hours of data collection and enabling organizations to benchmark their security posture against their industry vertical peers and take actions accordingly. Cynet Free Threat Assessment (available for organizations with 300 endpoints and above) spotlights critical, exposed attack surfaces and provides actionable knowledge of attacks that are currently alive and active in the environment: ➤ Indication of live attacks: active malware, connection to C&C, data exfiltration, access to phishing links, user credential theft attempts and others: ➤ Host and app attack surfaces: unpatched vulnerabilities rated per criticality: ➤ Benchmark comparing
More Resources