asset inventory
CAASM: Dead-End Approach or Worthwhile Journey?
Cyber Asset Attack Surface Management (CAASM) is focused on enabling security teams to overcome asset visibility. Asset visibility is foundational to security programs — knowing what assets exist in their environment and ...
NetworkMiner 2.9 Released
NetworkMiner 2.9 brings several new and improved features to help analysts make sense of network traffic from malware, criminals and industrial control systems. Highlights from this new version include: TZSP supportStealC extractorImproved ...
Balbix Guide to XZ Utils Backdoor
Executive Summary On March 29, 2024, developer Andres Freund reported the discovery of a backdoor in XZ Utils, affecting v5.6.0 and 5.6.1. XZ Utils, which provides compression tools for the .xz format, ...
Understanding Your Attack Surface: AI or bust
Creating an accurate inventory of an organization’s assets and applications while ensuring no duplicates or omissions is essential for any IT and security program. Security teams must understand vulnerabilities associated with their ...
What is a Shadow API? Understanding the risks and strategies to prevent their sprawl
Understand main Shadow API risks, and discover powerful strategies to curb Shadow API sprawl effectively ...
How Balbix Ensures Your Asset Inventory is Accurate and Complete
No Aggregation = Aggravation Having a broad range of security tools is necessary to ensure a strong security posture. Any good security strategy will have a diverse set of tools providing a ...
CISA Directs Federal Agencies to Boost System Visibility
The Cybersecurity and Infrastructure Security Agency (CISA) this week issued Binding Operational Directive (BOD) 23-01 to improve vulnerability detection and identify weaknesses in federal civilian agencies’ systems and networks. Dubbed “Improving Asset ...
The Reason You Need to Have Complete Visibility of all Your Assets and Security Controls
Putting together a jigsaw puzzle is a great way to spend the weekend. Looking at that complete picture in the end is a great feeling. But imagine getting to the end of ...
Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom
With millions working, learning and collaborating remotely due to COVID-19 challenges, there’s an explosion of remote endpoints running Zoom and other collaboration and productivity applications such as Outlook, Teams, Webex, Slack, Office ...
Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR
A severe vulnerability exists in Apache Tomcat’s Apache JServ Protocol. The Chinese cyber security company Chaitin Tech discovered the vulnerability, which is named “Ghostcat” and is tracked using CVE-2020-1938. The security issue ...
