BOD 19-02: DHS Vulnerability Remediation Requirements

On April 29 of this year, the Department of Homeland Security issued Binding Operational Directive (BOD) 19-02, Vulnerability Remediation Requirements for Internet-Accessible Systems. According to the DHS website “a binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems.”


Sharepoint vulnerability exploited in the wild

AT&T Alien Labs has seen a number of reports of active exploitation of a vulnerability in Microsoft Sharepoint (CVE-2019-0604). One report by the Saudi Cyber Security Centre appears to be primarily targeted at organisations within the kingdom. An earlier report by the Canadian Cyber Security Centre identified similar deployment of the tiny China Chopper web-shell to gain an initial foothold.


Integrating Vulnerability Management into your SOAR to shorten investigation time

Vulnerability Management has come along way in recent years. Once thought to be a once a month process, modern vulnerability solutions offer organizations near unlimited flexibility in regards to when and how vulnerability scans take place. Now, with continuous visibility into the vulnerabilities across their environments, IT teams can take action fast when a critical asset is flagged as vulnerable.


Managed Vulnerability Management? Yes, You Read That Right

The importance of a mature vulnerability management program can’t be overstated. File integrity monitoring (FIM) and security configuration management (SCM) might be the bedrock of a strong cybersecurity program, but they can only go so far. Scanning for vulnerabilities needs to be a foundational part of your program, too. The Center for Internet Security (CIS) already knows this; that’s why it ranks continuous vulnerability management (VM) as number three in its top six basic security controls.


Vulnerability Management: Myths, Misconceptions and Mitigating Risk

Vulnerability Management is a much-talked-about practice in the IT security industry. Whether it is the debate on vulnerability scoring, how to implement a suitable vulnerability management program based on your own resources or even trying to convince leadership a vulnerability management solution alone won’t solve all your cybersecurity issues, the debate is still strong.


Vulnerability Management Metrics: The Final Frontier

In Part 1 of this series, we looked at some of the metrics that an executive team would want to see to identify how the business risk is trending. It is very important to keep in mind that if the business does not see the information security program as effective and efficient, they will not continue to invest in information security projects. In this part, we will look at the operational level reports that can assist in focusing efforts to reduce the risk to the business.


New Kubernetes Security Vulnerabilities Disclosed: CVE-2019-1002101 and CVE-2019-9946

Two Kubernetes security vulnerabilities were disclosed yesterday: CVE-2019-1002101, a high severity issue, and CVE-2019-9946, a medium severity issue. Read on for a description of the vulnerabilities and their impact, how to know whether you’re affected, and what the remediation steps are.


Turning Data into Metrics: A Vulnerability Management Story

One of the main issues I find across the information security industry is that we constantly need to justify our existence. Organizations have slowly realized they need to spend on IT to enable their businesses. Information security, on the other hand, is the team that is constantly preventing the business from freely doing as they please. IT is seen as a driver of success, and security can be, too. The security team just needs to learn how to enable the business.