3 min
InsightVM
Decentralize Remediation Efforts to Gain More Efficiency with InsightVM
We’re excited to introduce you to two new InsightVM product updates to help you further reduce friction, save time, and gain greater efficiency.
2 min
Vulnerability Management
CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know
CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.
3 min
Vulnerability Management
Vulnerability Remediation vs. Mitigation: What’s the Difference?
In this blog, we dive into better understanding the difference between vulnerability mitigation vs. remediation.
4 min
InsightVM
How to Track and Remediate Default Account Vulnerabilities in InsightVM
In this blog post, we discuss older, lesser-known features that can still provide amazing value in your vulnerability management program using InsightVM.
3 min
Vulnerability Management
Patch Tuesday - September 2020
129 Vulnerabilities Patched in Microsoft's September 2020 Update Tuesday
(2020-Sep Patch Tuesday)
Despite maintaining the continued high volume of vulnerabilities disclosed and
patched this month, Microsoft's 129-Vulnerability September 2020 Update Tuesday
is seemingly calm from an operations perspective -- at first glance.
While following standard procedures of scheduling the patching for Windows OSes
up front immediately closes the door against 60%+ of the vulnerabilities being
disclosed this
5 min
InsightVM
Automated External Sonar Scanning Workflow with InsightVM
In this blog post, we discuss an external scanning strategy that you will want to implement with your InsightVM deployment.
4 min
Vulnerability Management
Patch Tuesday - August 2020
120 Vulnerabilities Patched in Microsoft's August 2020 Update Tuesday (2020-Aug
Patch Tuesday)
August 2020 brings along patches for 120 vulnerabilities within the standard set
of Microsoft products (Windows, Office, Browsers, and Developer Tools such as
.NET Framework, ASP.NET, and Visual Studio). Among the crowd are two
vulnerabilities: CVE-2020-1464
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464]
, and CVE-2020-1380
[https://portal.msrc.microsoft.com/en-US/s
3 min
InsightVM
What’s New in InsightVM: H1 2020 in Review
Throughout the first half of the year, we released updates and features to help security teams work more effectively and efficiently in InsightVM.
3 min
Vulnerability Management
Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know
On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.
4 min
Vulnerability Management
Hear from Your Peers: Advice for Your First 90 Days Using a Vulnerability Management Solution
In a recent survey with InsightVM customers, we asked them to share their best tips for the first 90 days of using a vulnerability management solution.
3 min
Vulnerability Management
CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know
On July 22, Cisco released a patch for a high-severity read-only patch traversal vulnerability in its Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.
5 min
InsightVM
Q&A from June 2020 Customer Webcast on InsightVM Custom Policy Builder
During our most recent webcast on InsightVM's Custom Policy Builder, we received a lot of great questions from attendees.
4 min
Vulnerability Management
Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know
On Tuesday, July 14, 2020, Microsoft released a patch for a 17-year-old remote code execution (RCE) vulnerability in Windows Domain Name System (DNS) servers discovered by Check Point researchers.
4 min
Vulnerability Management
CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) Java
The new SAP vulnerability (RECON), a critical vulnerability affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard, is a huge deal.
3 min
Vulnerability Management
12 Most Exploited Vulnerabilities: How to Navigate Vulnerabilities in a Security Program
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) laid out the 12 most exploited vulnerabilities since 2016.