Qualys Blog

www.qualys.com
3 posts

SANS 2017 Cybersecurity Trend Report Checklist

The SANS Institute recently released its 2017 report on cybersecurity trends. We examined the report’s six threat trends in a recent blog post, as well as in a webcast with the report’s author, security analyst John Pescatore, and with Qualys Product Management Vice President Chris Carlson. Now, we’re providing you with a useful checklist to help put you in a better position to respond these trends, which are expected to continue to dominate this year.

Continue reading …

SANS Study: To Take On New InfoSec Challenges, First Get the Basics Right

A major challenge for enterprise InfoSec teams is keeping their finger on the pulse of two constantly changing elements: external cyber threats and internal technology needs.

Staying a step ahead and proactively adjusting their organization’s security posture accordingly is a must in order to keep attack risks as low as possible. So what are the major shifts in threats and business technology use that CISOs and their staff face in 2017? And how should they respond to these changes?

You will find comprehensive answers to those and other critical InfoSec questions in a new SANS Institute whitepaper written by security analyst John Pescatore.

Continue reading …

Examining the Current State of Database Security

Considering that database systems hold extremely valuable and sensitive information, one would assume that most organizations would fiercely protect these “crown jewels” with great care. Unfortunately, that is not the case.

Throngs of databases in organizations worldwide are unsafe, at high risk of being breached by malicious hackers, rogue employees and crooked partners. This sorry state of database security puts financial data, customer information, health records, intellectual property treasures and more in grave danger.

Below we’ll discuss the two main causes for database security breakdowns — unpatched vulnerabilities and configuration errors — along with helpful tips for reducing the risk of database breaches.

Continue reading …