Operations | Monitoring | ITSM | DevOps | Cloud


Detect and score application vulnerabilities

With AppDynamics and Cisco Secure Application, you can quickly identify where application vulnerabilities exist and gain insights as to how best to remediate them based on business risk observability. Let technology work for you by keeping up with the most recent vulnerabilities and help you prioritize what to remediate based on business risk.

WAF and Compliance: Meeting Legal and Regulatory Requirements

Building a web application in an online environment that hosts a countless number of bad bots, malicious hackers, and other security threats can be complicated. A web application must first be built to be functional (easy enough, sort of), and to be secure. Ideally, security will be considered from the beginning, and then flaws will need to be addressed upon completion. So, if your organization handles customer data, which it almost certainly does, there are legal and regulatory compliance rules you have to follow.

10 Best Vulnerability Management Tools for IT Professionals

Searching for the best vulnerability management tools in the market today? You’ve come to the right place. We’ve done all the research, compiled data from leading review sites, such as G2 and Capterra, and created this comprehensive guide on what to look for when selecting the best software vulnerability management tools for your business. When using this guide, it’s important to remember that vulnerability management, as a category, is essentially comprised of two functions.

XZ Vulnerability

You drink tap water every day, right? Do you know who invented the filtering mechanism that makes water pure and clean?… Well, do you actually care? Do you know that this mechanism is exactly the same in all the taps of all the houses of any country? Do you know that this specialized piece is the work of an engineer who does it just because? Can you imagine what could happen if this person had a bad day?

xz Backdoor: What to Know + What to Do About the XZ Utils Vulnerability

The xz backdoor is a vulnerability in XZ Utils, a popular data compression library. The xz backdoor can let unauthorized users gain admin-level access to systems, endangering data security and much more. Read on to learn more about the xz backdoor, who’s affected, and what you can do now to find out if your systems are at risk.

Microsoft Releases Out-of-band Updates to Address Critical Windows Server Domain Controller Issue

In a recent development that has sent ripples across the IT landscape, Microsoft has identified a critical issue plaguing Windows Server Domain Controllers (DCs). This issue, originating from a memory leak within the Local Security Authority Subsystem Service (LSASS), has emerged as a significant concern for organizations relying on both on-premises and cloud-based Active Directory domain controllers to process Kerberos authentication requests.

Safeguarding Smart Home Devices: A Comprehensive Guide to Cybersecurity for Ensuring Safety and Security

Smart home devices have revolutionized our lives, but with convenience comes risk. Have you ever wondered if your smart speakers, cameras, or thermostats could be vulnerable to cyber-attacks? Imagine the havoc a hacker could wreak by gaining unauthorized access. That's where this comprehensive cybersecurity guide comes in.

Securing your digital fort: Why firmware vulnerability management is essential

Think of your network device firmware as a fortress that can withstand attacks and protect you from potential threats in the digital world. It acts as a guardian, keeping hackers and malicious software at bay so you can be confident that your data is safe. However, any imposing medieval fortress standing tall and proud with seemingly impenetrable walls, no matter how strong it seems, can't keep up with a relentless barrage from the latest weaponry.

Patching Go's leaky HTTP clients

In November 2023 we discovered an issue in the Go standard library’s net/http.Client that allowed an attacker who controls redirect targets on a server to exfiltrate authentication secrets. Soon after, we discovered a similar issue in net/http/cookiejar.Jar. The issues, collectively designated CVE-2023-45289, have now been fixed in Go 1.22.1 and Go 1.21.8, released on March 5, 2024. This blog post dives into the technical details behind those two bugs and the patch that addresses them.