Rhett has been running corporate marketing and demand generation functions in the enterprise infrastructure and security markets for a really long time. Prior to Vulcan Cyber Rhett spent more than two decades with SaltStack, ServiceNow, Symantec and Altiris.
DevOps has revolutionized the pace at which new iterations of applications are released to meet the needs of customers. By nature, security teams are focused on securing company assets and data, which others may see as a roadblock to productivity. The tension between these two groups can sometimes be palpable.
Trends in vulnerabilities and threats evolve as the technology landscape changes. The vulnerability landscape has changed tremendously over the last couple of years which has prompted many organizations to question whether their current methodologies for vulnerability management are sustainable moving forward.
By now, everybody knows that vulnerabilities that aren’t remediated properly could pose a serious threat to the enterprises environment. The data breach experienced by Equifax last year exemplifies the impacts that can occur to a business that fails to remediate. However, we cannot ignore the other side of the coin – when remediation steps ARE… Continue reading Incident Remediation: A Cure Can’t be Worse Than the Disease
With the end of the year, it’s prime time to reflect on vulnerability trends since the start of the decade.
However you flip the number of recorded vulnerabilities in a given year, the number is at once humbling and noteworthy. We know that both actions – remediating all vulnerabilities and prioritizing a high-severity security flaw in a little-used, low-value system over a medium-severity security hole in a mission-critical system – leave your company’s most important… Continue reading Looking Back – The Top Vulnerabilities of 2018
A key part of any risk assessment framework, vulnerability intelligence enables organizations to consider the broader picture when assessing a given vulnerability or set of vulnerabilities. Vulnerability intelligence providers consolidate data from multiple sources – both external and internal – and then offer a contextualized assessment of organizational risk. This can drastically tip the scales… Continue reading Cyber Threat Intelligence – Answer to the Biggest Questions
The question of remediating every single vulnerability is moot. Given the massive amounts of vulnerabilities being disclosed every month, it’s logistically and organizationally unfeasible. At the enterprise level, even the largest IT team simply can’t handle all the vulnerabilities out there – nor, in truth do they need to.
In its 2018 “Global Risks Report,” the World Economic Forum – a prominent international policy think-tank – ranked cyber threats just below extreme weather events and natural disasters.
The demanding speed of today’s development cycles and flexibility of IT infrastructure provides a huge opportunity to move faster not only for the development teams, but for the security team as well. DevSecOps, specifically – the early integration of security into the development and deployment processes – allows even large organizations with large infrastructures… Continue reading How Three Large Enterprise Teams Made the Move to DevSecOps
DevOps took the software scene by storm in 2008, with the promise to reduce the time between changing a software system and that change being rolled out in a production environment – without compromising on quality. Basically, it was supposed to “turn the IT business model on its head with shorter cycle times, automation, and… Continue reading DevOps Security – Time to Put Sec in DevOps
