#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

vulnerability management | Breaking Cybersecurity News | The Hacker News

Category — vulnerability management
Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats

Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats

Nov 26, 2024 Pentest / Vulnerability Assessment
When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That's why Intruder, a leader in attack surface management, built Intel - a free vulnerability intelligence platform designed to help you act fast and prioritize real threats. What is Intel? Intel was created to fill a gap in the resources available for tracking emerging vulnerabilities. When one of Intruder's go-to tools shut down last year, the team set out to build a solution that would not only meet their needs but also benefit the wider infosec community. Intel tracks the top trending CVEs from the past 24 hours and assigns each a 'hype score' - a rating out of 100, benchmarked against the year's highest levels. Alongside real-time insights, Intel features expert commentary from Intruder's Security team and consolidates the latest information from trusted sources like NVD and CISA, all in one place. 5 Ways Intel Helps You Stay Ahead Keep on top of trends: I...
How to Get Going with CTEM When You Don't Know Where to Start

How to Get Going with CTEM When You Don't Know Where to Start

Oct 04, 2024 Vulnerability Management / Security Posture
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities - before they can be exploited by attackers.  On paper, CTEM sounds great . But where the rubber meets the road – especially for CTEM neophytes - implementing CTEM can seem overwhelming. The process of putting CTEM principles into practice can look prohibitively complex at first. However, with the right tools and a clear understanding of each stage, CTEM can be an effective method for strengthening your organization's security posture.  That's why I've put together a step-by-step guide on which tools to use for which stage. Want to learn more? Read on… Stage 1: Scoping  When you're...
The Future of Serverless Security in 2025: From Logs to Runtime Protection

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Nov 28, 2024Cloud Security / Threat Detection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is the issue with that: 1. Logs Only Tell Part of the Story Logs can track external-facing activities, but they don't provide visibility into the internal execution of functions. For example, if an attacker injects malicious code into a serverless function that doesn't interact with external resources (e.g., external APIs or databases), traditional log-based tools will not detect this intrusion. The attacker may execute unauthorized processes, manipulate files, or escalate privileges—all without triggering log events. 2. Static Misconfiguration Detection is Incomplete Static tools that check ...
EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

EPSS vs. CVSS: What's the Best Approach to Vulnerability Prioritization?

Sep 26, 2024 Vulnerability Management / Security Automation
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don't factor in real-world threat data, such as the likelihood of exploitation. With new vulnerabilities discovered daily, teams don't have the time - or the budget - to waste on fixing vulnerabilities that won't actually reduce risk. Read on to learn more about how CVSS and EPSS compare and why using EPSS is a game changer for your vulnerability prioritization process.  What is vulnerability prioritization? Vulnerability prioritization is the process of evaluating and ranking vulnerabilities based on the potential impact they could have on an organization. The goal is to help security teams determine which vulnerabilities should be addressed, in what timeframe, or if they need to be fixed at all. This process ensures that the most critical risks are mitigat...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Sep 12, 2024 Cryptocurrency / Network Security
Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions," Cado Security researchers Tara Gould and Nate Bill said in an analysis published today. "However, Selenium Grid's default configuration lacks authentication, making it vulnerable to exploitation by threat actors." The abuse of publicly-accessible Selenium Grid instances for deploying crypto miners was previously highlighted by cloud security firm Wiz in late July 2024 as part of an activity cluster dubbed SeleniumGreed . Cado, which observed two different campaigns against its honeypot server, said the threat actors are exploiting the lack of authentication protections to carry out a diverse set of malicious actions. The first of them leverages the " goog:chromeOptions " dictionary to inject a Ba...
NIST Cybersecurity Framework (CSF) and CTEM – Better Together

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

Sep 05, 2024 Threat Detection / Vulnerability Management
It's been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally tailored for Critical infrastructure, 2018's version 1.1 was designed for any organization looking to address cybersecurity risk management.  CSF is a valuable tool for organizations looking to evaluate and enhance their security posture. The framework helps security stakeholders understand and assess their current security measures, organize and prioritize actions to manage risks, and improve communication within and outside organizations using a common language. It's a comprehensive collection of guidelines, best practices, and recommendations, divided into five core functions: Identify, Pr...
Webinar: Learn to Boost Cybersecurity with AI-Powered Vulnerability Management

Webinar: Learn to Boost Cybersecurity with AI-Powered Vulnerability Management

Sep 02, 2024 Vulnerability Management / Webinar
The world of cybersecurity is in a constant state of flux. New vulnerabilities emerge daily, and attackers are becoming more sophisticated. In this high-stakes game, security leaders need every advantage they can get. That's where Artificial Intelligence (AI) comes in. AI isn't just a buzzword; it's a game-changer for vulnerability management. AI is poised to revolutionize vulnerability management in the coming years. It enables security teams to: Identify risks at scale: AI can analyze massive amounts of data to identify vulnerabilities that humans might miss. Prioritize threats: AI helps focus on the most critical vulnerabilities, ensuring resources are used effectively. Remediate faster: AI automates many tasks, allowing for quicker and more efficient remediation. AI isn't just about technology; it's about people. This webinar will delve into how security leaders can leverage AI to empower their teams and foster a culture of security. Learn how to tur...
CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures

CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures

Aug 27, 2024 Threat Management / Enterprise Security
Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year's report: Threat Exposure Management, Exposure Assessment Platforms (EAP), and Adversarial Exposure Validation (AEV). These category definitions are aimed at providing some structure to the evolving landscape of exposure management technologies. Pentera, listed as a sample vendor in the newly defined AEV category, is playing a pivotal role in increasing the adoption of CTEM, with a focus on security validation. Following is our take on the CTEM related product categories and what they mean for enterprise security leaders. The Industry is Maturing CTEM, coined by Gartner in 2022, presents a structural approach for continuously assessing, prioritizing, validating, and remediating expo...
Focus on What Matters Most: Exposure Management and Your Attack Surface

Focus on What Matters Most: Exposure Management and Your Attack Surface

Aug 23, 2024 Attack Surface Management
Read the full article for key points from Intruder's VP of Product, Andy Hornegold's recent talk on exposure management. If you'd like to hear Andy's insights first-hand,  watch Intruder's on-demand webinar . To learn more about reducing your attack surface , reach out to their team today.   Attack surface management vs exposure management Attack surface management (ASM) is the ongoing process of discovering and identifying assets that can be seen by an attacker on the internet, showing where security gaps exist, where they can be used to perform an attack, and where defenses are strong enough to repel an attack. If there's something on the internet that can be exploited by an attacker, it typically falls under the realm of attack surface management. Exposure management takes this a step further to include data assets, user identities, and cloud account configuration. It can be summarized as the set of processes that allow organizations to continually and consistently eval...
The Facts About Continuous Penetration Testing and Why It's Important

The Facts About Continuous Penetration Testing and Why It's Important

Aug 22, 2024 Penetration Testing / Red Teaming
What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization's digital assets to identify and mitigate security vulnerabilities. CASPT is designed for enterprises with an evolving attack surface where periodic pentesting is no longer sufficient. Unlike traditional penetration testing, which is often performed annually or semi-annually, CASPT is an ongoing process that integrates directly into the software development lifecycle (SDLC), ensuring that vulnerabilities are discovered and addressed in real-time or near-real-time. CASPT is a proactive security measure designed to stay ahead of potential attackers by continuously evaluating the security posture of an organization. It enables security teams to identify critical entry points that could be exploited b...
Expert Insights / Articles Videos
Cybersecurity Resources