Posts tagged Vulnerability Management

4 min Vulnerability Disclosure

CVE-2021-22652: Advantech iView Missing Authentication RCE (FIXED)

Advantech iView versions prior to 5.7.03.6112 suffer from an instance of "CWE-306: Missing Authentication For Critical Function."

7 min Vulnerability Management

Patch Tuesday - February 2021

The second Patch Tuesday of 2021 is relatively light on the vulnerability count, with 64 CVEs being addressed across the majority of Microsoft’s product families. Despite that, there’s still plenty to discuss this month. Vulnerability Breakdown by Software Family FamilyVulnerability CountWindows28ESU14Microsoft Office11Browser9Developer Tools 8Microsoft Dynamics2Exchange Server2Azure2System Center2Exploited and Publicly Disclosed Vulnerabilities One zero-day was announced: CVE-2021-1732 [https:

2 min News

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

Cisco has released security updates to address vulnerabilities in most of their product portfolio.

3 min News

SonicWall SNWLID-2021-0001 Zero-Day and SolarWinds’ 2021 CVE Trifecta: What You Need to Know

2021 continues to deliver with an unpatched zero-day exposure in some SonicWall appliances and three moderate-to-critical CVEs in SolarWinds software.

2 min Vulnerability Management

Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)

InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.

1 min Vulnerability Management

Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?

Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers looking to capitalize.

7 min Vulnerability Management

Patch Tuesday - January 2021

We arrive at the first Patch Tuesday of 2021 (2021-Jan [https://msrc.microsoft.com/update-guide/releaseNote/2021-Jan]) with 83 vulnerabilities across our standard spread of products.  Windows Operating System vulnerabilities dominated this month's advisories, followed by Microsoft Office (which includes the SharePoint family of products), and lastly some from less frequent products such as Microsoft System Center and Microsoft SQL Server. Vulnerability Breakdown by Software Family FamilyVulnera

4 min InsightVM

What’s New in InsightVM: Q4 2020 in Review

Here’s our roundup of the new and improved InsightVM features we’ve updated in Q4 2020.

4 min DevSecOps

Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity

Let’s take a look at some key insights on current industry efforts to more closely integrate DevOps and SecOps—and how you can plot your best path forward.

3 min InsightVM

Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution

Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals.

3 min InsightVM

How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM

In this blog, we will be focusing on a simple use case that enables your organization to achieve greater visibility into your policy customization process.

4 min Vulnerability Management

The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices

Based on the assessment of 24 service protocols, Rapid7’s NICER revealed key insights about the current state of the internet.

7 min News

SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know

On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.

2 min InsightVM

InsightVM Now Integrates With Snyk for Deep Visibility Into Container Vulnerabilities

We're excited to announce that InsightVM now integrates with Synk for deep visibility into container vulnerabilities.

2 min InsightVM

New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility

When speaking with customers, we continue to hear that they are looking for more visibility into their vulnerability risk management activities.