With Black Hat USA 2019 less than a month away, we continue our blog series with weekly recommendations of training courses and research briefings to attend at the conference. Our pick this week: the research briefing Controlled Chaos: The Inevitable Marriage of DevOps & Security.

This 50-minute presentation focuses on the increasingly critical issue of securing DevOps, as this approach to agile and iterative software development and IT operations becomes the “business engine” for organizations.

Kelly Shortridge, Capsule8’s product strategy VP, and Nicole Forsgren, Google Cloud researcher and strategist, will explain the DevOps basics and the resilience and chaos engineering concepts. The speakers will address the importance of marrying DevOps and security, and the necessary shift away from security for its own sake to security as an enabler of business objectives.

Continue reading …

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

Continue reading …

This new release of the Qualys Cloud Platform (VM, PC), version 8.20.1, includes support for new technologies and platforms, addition of new technology for Windows UDCs as well as an update in an existing option name (“Scan agent hosts in my target”) in the Launch Vulnerability Scan page.

Continue reading …

This month’s Microsoft Patch Tuesday addresses 77 vulnerabilities with 15 of them labeled as Critical. Of the 15 Critical vulns, 11 are for scripting engines and browsers, with the remaining four covering DHCP Server, GDI+, .NET Framework, and Azure DevOps Server / Team Foundation Server. In addition, Microsoft has released Important patches for two actively exploited privilege escalation vulnerabilities, as well as a SQL Server RCE. Microsoft also issued two advisories for Outlook on the web and Linux Kernel vulnerabilities. Adobe issued patches today for Bridge CC, Experience Manager, and Dreamweaver.

Continue reading …

Black Hat USA 2019, which is only one month away, offers scores of training courses and research briefings, so every week we’re picking a session we believe Qualys customers will find valuable. This week’s selection is the training course Adversary Tactics — Detection.

This course focuses on abnormal behaviors and attackers’ “tactics, techniques, and procedures” (TTPs). It teaches participants how to create hypotheses based on TTPs to perform threat hunting operations and detect attacker activity. Students will also learn how to use free and open source data collection and analysis tools to gather and analyze large amounts of host information to detect malicious activity. 

Key takeaways from the course will include learning how to conduct effective, continuous hunt operations; run an end-to-end hunt operation; and develop metrics that measure the effectiveness of detection capabilities. Designed for defenders wanting to learn how to hunt in enterprise networks, this four-day course will be taught by experts from SpecterOps, a security firm that provides adversary-focused services.

Continue reading …

The Qualys Training team released a major update to the Vulnerability Management Certified Training Course. We’ve also built out two new video libraries showing how to assess business process risk and how to secure cloud infrastructures in DevSecOps environments using AWS Golden AMI pipelines. And we’ve recorded some videos on high-demand topics including agentless tracking, unified view, and getting your Qualys data into Splunk.

Continue reading …

With Black Hat USA 2019 fast approaching, we continue our blog series highlighting training sessions and research briefings that we think Qualys customers will find relevant and valuable. Our pick this week is the training session An Introduction To IoT Pentesting With Linux.

The course offers “a hands-on, example-driven introduction to IoT hacking” and focuses on tactics for assessing and exploiting devices. Participants will learn why perimeter security falls short for securing private LANs from Internet attackers, and how vulnerability assessment techniques can be implemented using the Bash Unix shell and command language. Such skills are critical today due to the booming popularity and weak security of Internet of Things systems.

The two-day course is aimed at anyone wanting a hands-on introduction on using Linux to perform software-based security analysis of embedded Linux devices. The instructor, Craig Young, is a Tripwire computer security researcher who has used the course’s techniques to identify over 100 CVEs on embedded IoT devices. He has discovered dozens of vulnerabilities in products from Google, Amazon, Apple and others.

Continue reading …

This new release of the Qualys Cloud Platform (VM, PC), version 8.20, includes several new features in Qualys Cloud Platform and additional support for multiple technologies in Qualys Policy Compliance.

Continue reading …

This release of the Qualys Cloud Platform version 2.39 includes updates and new features for Out-of-Band Configuration Assessment (OCA), Vulnerability Management, and Web Application Scanning, highlights as follows.

Continue reading …

We’re getting closer to Black Hat USA 2019, whose program is loaded with scores of research briefings and training courses. For attendees, it’s always a challenge to decide which ones to put on their schedule — and which ones to leave out.

To help with this task, we’re recommending a Black Hat USA 2019 session every week. Adding to our top recommended sessions, here’s our third choice: Windows Enterprise Incident Response.

This course teaches how to do triage on a potentially compromised system, uncover attack evidence, recognize persistence mechanisms, and more. Key takeaways include learning incident response principles, and scaling analysis to an enterprise environment.

The instructors are Mandiant consultants Austin Baker and Julian Pileggi, who have expertise in digital forensics, incident response, proactive security and threat hunting. The course is intended for people with backgrounds in forensic analysis, pen testing, security architecture, sysadmin, incident response and related areas.

Continue reading …