All Posts

1517 posts

Verizon Data Breach Investigations Report 2020

One of the most respected publications in cybersecurity is the Verizon Data Breach Investigations Report (DBIR), analyzing over 150,000 incidents and providing a comprehensive analysis covering the 32,002 incidents and 3950 breaches that meet Verizon’s quality standards. I liked very much how they choose to represent the concept that no industry, no region, no market is excluded; using a page of differently colored squares to illustrate how wide, pervasive, and data-driven their 3950 breaches analyzed has been.

Breaches

Concerning the findings, nearly half (45%) of the breaches featured Hacking. The large majority of them have been perpetrated by external actors, which reinforces the idea that a value chain is present behind almost all hacking attempts. This evidence is also highlighted by the common denominators section, showing that 86% of breaches are financially motivated.

This same section shows that near the half (43%) of the breaches involved Web Applications. This shows the crucial importance of having a solid CI/CD pipeline where security is totally integrated as early as possible in the DevOps lifecycle.

Continue reading …

Policy Compliance Library Updates, May 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The May release includes support for new technologies, 3 CIS Benchmark policies, 3 DISA STIG policies, 11 Industry and Best Practice policies, and provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.
Continue reading …

May 2020 Patch Tuesday – 111 Vulns, 16 Critical, SharePoint, VS Code, Adobe Patches

Continuing the trend of large Microsoft Patch Tuesdays, this month’s addresses 111 vulnerabilities with 16 of them labeled as Critical. The 16 Critical vulnerabilities cover SharePoint, Browsers, Scripting Engines, Media Foundation, Microsoft Graphics, Microsoft Color Management, and the VS Code Python Extension. Adobe released patches today for Acrobat/Reader, and DNG SDK.

Continue reading …

Qualys Community Migration to Salesforce Platform

We are excited to announce that the Qualys Community discussion forums are migrating to the Salesforce platform on June 6-7 weekend.

This 30-day notification explains why we are changing the underlying platform, how it benefits Qualys customers, and what you should expect.

Benefits

The Salesforce platform offers Qualys community some significant advantages:

Continue reading …

Qualys Cloud Platform 10.1.0 New Features

The upcoming release of the Qualys Cloud Platform (VM, PC), version 10.1.0, includes several new features and enhancements in Qualys Cloud Platform and Qualys Policy Compliance. This release will also add support for new technologies in Qualys Policy Compliance for OCA.

10.1.0 is scheduled to go live across the shared platforms towards the end of May, 2020. Continue reading …

Policy Compliance Library Updates, April 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The April release includes support for new technologies, 4 CIS Benchmark policies, 2 Industry and Best Practice policies, and provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.

Continue reading …

April 2020 Patch Tuesday – 113 Vulns, 19 Critical, Zero-Day Patches, SharePoint, Adobe ColdFusion

This month’s Microsoft Patch Tuesday addresses 113 vulnerabilities with 19 of them labeled as Critical. The 19 Critical vulnerabilities cover Adobe Font Manager Library (0-day), SharePoint, Hyper-V, Scripting Engines, Media Foundation, Microsoft Graphics, Windows Codecs, and Dynamics Business Central. Adobe released patches today for ColdFusion, After Effects, and Digital Editions.

Continue reading …

Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom

With millions working, learning and collaborating remotely due to COVID-19 challenges, there’s an explosion of remote endpoints running Zoom and other collaboration and productivity applications such as Outlook, Teams, Webex, Slack, Office 365 and more. As remote endpoints are accessing organizations’ critical assets and data, more and more cyberattacks are targeting remote endpoints for exploiting weaknesses and vulnerabilities in collaboration tools like Zoom.

Continue reading …

New Features in Qualys Vulnerability Management and Policy Compliance

Today we are excited to announce several new features, workflows, and new technology support in Qualys Vulnerability Management and Policy Compliance.

These new features will be deployed as a part of QWEB 10.0 and Portal 3.0 release versions.

Continue reading …

Real-Time Alerting and Incident Management for Unauthorized Changes

The security landscape is constantly changing, and you need to adopt proactive measures to stay ahead of security breaches by being extremely vigilant about every little change in your environment. In our previous blog, we discussed how you can leverage the ready-to-use monitoring profiles in your CI/CD pipeline to start monitoring your critical system and application files. However, just setting files to monitor isn’t sufficient. You need a layer of ‘real-time detection’ to eliminate all blind spots in your network. Hence, once you are done configuring the “what to monitor” part in your environment, the next step is to configure the correlation rules to generate real-time alerts for changes and create authorized or unauthorized incidents automatically. Receiving instant alerts upon file changes in your network is the next line of defense mechanism for you to mitigate impending loss of data.

Continue reading …