Back to qualys.com
462 posts

Countdown to Black Hat: Top 10 Sessions to Attend — #3

We’re getting closer to Black Hat USA 2019, whose program is loaded with scores of research briefings and training courses. For attendees, it’s always a challenge to decide which ones to put on their schedule — and which ones to leave out.

To help with this task, we’re recommending a Black Hat USA 2019 session every week. Adding to our top recommended sessions, here’s our third choice: Windows Enterprise Incident Response.

This course teaches how to do triage on a potentially compromised system, uncover attack evidence, recognize persistence mechanisms, and more. Key takeaways include learning incident response principles, and scaling analysis to an enterprise environment.

The instructors are Mandiant consultants Austin Baker and Julian Pileggi, who have expertise in digital forensics, incident response, proactive security and threat hunting. The course is intended for people with backgrounds in forensic analysis, pen testing, security architecture, sysadmin, incident response and related areas.

Continue reading …

Countdown to Black Hat: Top 10 Sessions to Attend — #2

Black Hat USA 2019 is still two months away, but it’s never too early for attendees to start planning their schedule. That’s why each week we’re recommending one session from the scores of research briefings and training courses that will be offered at the conference. Following our first pick last week, here’s our second recommendation: Attacking and Securing APIs.

This hands-on, two-day course will teach participants how to build secure web and cloud APIs, which is increasingly important as their usage skyrockets. The instructor is Mohammed Aldoub, a security consultant and trainer with 10 years of experience who worked on Kuwait’s national cyber security infrastructure and focuses on APIs, secure DevOps, cloud security and cryptography.

The course is designed for software developers, security engineers, bug bounty hunters and others. Key takeaways include creating secure web APIs and microservices infrastructure; assessing the security of API implementation and configuration; and using cloud-native tools and infrastructure to deliver secure APIs.

Continue reading …

Countdown to Black Hat: Top 10 Sessions to Attend — #1

Black Hat USA 2019 offers a packed and impressive lineup of research briefings and hands-on training courses for the 19,000-plus security pros expected to attend this year’s event.

The training sessions provide both offensive and defensive skills that security pros can use to tackle critical threats affecting applications, IoT systems, cloud services, and more. Meanwhile, the briefing sessions feature cutting-edge research on the latest infosec risks and trends. All sessions are led by expert trainers and researchers.

To help attendees decide which sessions to choose, we’ve selected ten that we think will be particularly relevant and valuable for Qualys customers, and we’ll highlight one each week here on our blog. Here’s our first recommendation: Advanced Cloud Security And Applied Devsecops.

This highly technical course delves deep into practical cloud security and applied DevSecOps for enterprise-scale cloud deployments, and focuses on IaaS and PaaS.

“Real-world cloud security is most definitely not business as usual. The fundamental abstraction and automation used to build cloud platforms upends much of how we implement security. The same principles may apply, but how they apply is dramatically different, especially at enterprise scale,” reads the course abstract.

Continue reading …

Integrating Threat and Vulnerability Management with Patch Management: The (Feasible) Quantum Leap

The rise of sophisticated attacks combined with the security-skills shortage have driven many organizations to go back to basics and review their processes for vulnerability and patch management. The approach is definitely a winning one, given that shrinking and managing the vulnerability surface makes it harder to target and compromise.

Assessing the attack surface requires strengthening key capabilities, such as increasing visibility across the IT landscape and improving the detection, prioritization and remediation of vulnerabilities at scale. Qualys has been boosting these capabilities for its customers over the last two decades.

Read on to learn how Qualys is addressing enterprises’ patch management challenges with integrated breach prevention that includes its new Patch Management cloud application.

Continue reading …

Boosting Patch Management Is Key for Breach Prevention

Vulnerabilities that vendors have disclosed and issued patches for remain a major source of breaches. Why? Too many organizations take too long to deploy those patches — or never do.

That was the case with WannaCry. The ransomware exploited Windows vulnerability MS17-010, which Microsoft disclosed in mid-March 2017, rating it “Critical” and issuing a patch for it. The attacks began two months later. It was only then that most affected organizations began to install the patch. When the dust cleared, WannaCry had infected 300,000-plus systems, disrupting critical operations globally.

So why does this baffling problem persist?

As is true for most IT and security challenges, the patch management problem and its solution depend on a combination of the technology being used and of the processes in place.

Read on to learn about patch management best practices, and about Qualys’ new patch management cloud app.

Continue reading …

Qualys Cloud Platform (VM, PC) 8.19.1 New Features

This new release of the Qualys Cloud Platform (VM, PC), version 8.19.1, includes newly added technology support for HP Safeguard and CISCO ACS 5, collected via Qualys Out-of-Band Configuration Assessment.

Continue reading …

LinkedIn Faux Pas Shines Light on Certificate Management

Visibility and control of digital certificates remains a challenge for even the largest enterprises, as evidenced by a high profile incident this week affecting Microsoft’s LinkedIn. Users accessing LinkedIn on Tuesday got a warning from their browsers alerting them about an insecure connection. The culprit: An expired TLS certificate.

In a statement to the press, LinkedIn said it experienced a “brief delay” in updating a digital certificate, and stated that member data wasn’t affected. Yet, the incident spotlights a nagging issue that frequently trips even the most technically savvy companies in the world: Digital certificate management.

Qualys SSL Labs’ SSL Pulse, which monitors the quality of SSL/TLS support across 150,000 of the most popular websites in the world, rated about 33% of the sites monitored as having inadequate security in its May report. A few thousand of these sites had expired certificates.

Continue reading …

Boost Security with These Gartner-Recommended Projects

Is your security team struggling to decide which projects will slash risk the most without breaking the bank? If so, we believe your security leaders can end analysis paralysis by perusing Gartner’s “Top 10 Security Projects for 2019” report. As its title states, the report recommends ten security projects for 2019, and the projects selected are supported by technologies available today, address the changing needs of cybersecurity and support what Gartner calls a CARTA (Continuous Adaptive Risk and Trust Assessment) strategic approach through risk prioritization.

Below we highlight five of the projects, provide Gartner’s take, offer our opinion, and explain how Qualys can help you implement them.

Continue reading …

Verizon’s DBIR Highlights Key Drivers of Security Risk

It’s that time of the year when Verizon updates us on the latest trends in the global threat landscape with its Data Breach Investigations Report (DBIR). The findings in this year’s report are based on data provided by more than 70 sources (including Qualys) about more than 41,000 security incidents, including more than 2,000 confirmed data breaches, across a variety of geographies (over 80 countries) and industries. A privileged observation point indeed.

While the very informative 78-page report touches on a wide range of areas,  I’ll focus on three that are particularly relevant for Qualys customers:

  • Who are hackers’ preferred targets, and why
  • The importance of reducing both the time it takes to discover security problems, such as vulnerabilities or breaches, and the time it takes to fix them
  • How lack of visibility, human error and careless misconfigurations heighten organizations’ security risks

Read on to learn more about the evolution (or is it “EVILution”) of the threat landscape in the past year, and find out about recommended actions.

Continue reading …

Qualys Cloud Platform (VM, PC) 8.19 New Features

This new release of the Qualys Cloud Platform (VM, PC), version 8.19, contains several new features and improvements in Qualys Vulnerability Management and Policy Compliance, which include an improved display of deadlines for remediation policies in VM; additional support for MS Exchange Server authentication, and default selection of layout options in policy report templates in PC; 2 new options for Sybase authentication, support for Microsoft Azure Key Vault in Qualys Cloud Platform, as well as a change in an existing option name (“Scan agent hosts in my target”) in the Launch Vulnerability Scan page.

Continue reading …