Rhett has been running corporate marketing and demand generation functions in the enterprise infrastructure and security markets for a really long time. Prior to Vulcan Cyber Rhett spent more than two decades with SaltStack, ServiceNow, Symantec and Altiris.
Amazon released the EC2 Run Command in 2015 as the first step to extend a bridge back to datacenter, enterprise, and traditional operations environments. Then in 2016, AWS released its patch management solution under the EC2 Systems Manager. Now, all datacenter-style management tools fall under the AWS Systems Manager.
For an organization to be confident it must have a solid security posture, and for this, regular testing is key. Two types of testing are critical to assessing security posture – penetration testing and vulnerability scans.
In the broadest sense, “Asset Management” means managing the complete life-cycle of every corporate asset, from procurement to safe disposal. Effective Asset Management ensures that every expense fits both corporate goals and security standards, including guidelines and policies related to Vulnerability Management, such as how vulnerabilities are prioritized and resolved.
The number of vulnerabilities uncovered daily has long exceeded what security teams can possibly address. The key to success in vulnerability management no longer lies in patching everything, but rather in making judgment calls and deciding which vulnerabilities to address and which to ignore.
Vulnerability remediation was once considered a straightforward process. Scanning software identified potential vulnerabilities and notified the system administrator, who took over from there. “Vulnerability” was seen as a coding issue, so manually checking and patching code became the standard method of remediation despite being slow and not always effective.
The number of known vulnerabilities has exploded in recent years. With enterprises using more software solutions, open-source, cloud, Internet of Things, and more, it’s no wonder the increase in security flaws has skyrocketed.
So, it’s time to patch again. Kind of like getting your flu shots – you know it’s good for you, but nobody likes doing it. Let’s do a quick analysis of the challenges that patching poses to your environment, and some of our recommended coping mechanisms
No matter what IT field you work in, staying on top of the latest technologies and trends is a must, especially in cybersecurity. Just as a good security plan requires continuous monitoring, a good CISO needs continuous learning. A top-notch security conference can be the most efficient and effective way for CISOs to stay current… Continue reading Must Attend Cybersecurity Conferences for CISOs in 2019
Knowing what NOT to do can sometimes be just as helpful as knowing the right thing to do. Oftentimes, CISOs and Vulnerability Managers have plans and practices in place that can actually be making matters worse by focusing on the wrong things. Let’s review some of these mistakes so you can avoid them in your… Continue reading Exploited Vulnerabilities Drive Remediation Urgencies
DevOps has revolutionized the pace at which new iterations of applications are released to meet the needs of customers. By nature, security teams are focused on securing company assets and data, which others may see as a roadblock to productivity. The tension between these two groups can sometimes be palpable.
