Posts tagged Vulnerability Management

2 min News

SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 and CVE-2020-25592): What You Need to Know

When combined, a new pair of SaltStack vulnerabilities can result in unauthenticated remote root access on a target system.

3 min Vulnerability Management

Oracle WebLogic Unauthenticated Complete Takeover (CVE-2020-14882/CVE-2020-14750): What You Need to Know

Attackers opting for tricks instead of treats this week as they seek out and attempt to compromise internet-facing WebLogic servers that are vulnerable to CVE-2020-14882.

2 min InsightVM

Rapid7 Announces Improvements to Goals and SLAs in InsightVM

We’re excited to announce that creating a goal or SLA in InsightVM just became a lot simpler.

18 min InsightVM

Scan Template Best Practices in InsightVM

This blog post will give you a ballpark best practice that applies to the majority of environments, as well as some descriptions that outline the thought process, math, and reasoning.

9 min Vulnerability Disclosure

Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities

Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.

1 min InsightVM

Fewer False Alarms, Faster Reporting: InsightVM Introduces New One-Click Fix For False Positives

Let’s talk false positives. They’re frustrating and faulty to anyone in security. The good news? We’ve added even more ways to reduce the noise they cause.

3 min Vulnerability Management

There Goes The Neighborhood: Dealing With CVE-2020-16898 (and CVE-2020-1656) (aka"Bad Neighbor")

Microsoft released a patch for BSoD + RCE CVE-2020-16898 ("Bad Neighbor") in the October 2020 Patch Tuesday vulnerability disclosures along with Juniper releasing CVE-2020-1656 the same week.

4 min InsightVM

How InsightVM Helps You Save Time and Prove Value

In this post, we’ll cover how InsightVM helps teams tackle operational challenges, maximize resources, and prove the value and ROI of their efforts.

3 min Vulnerability Management

Why Every Organization Needs a Vulnerability Management Policy

In this blog post, we will discuss why vulnerability management is critical for any organization looking to reduce risk.

2 min News

HP Device Manager Cavalcade of Critical CVEs (CVE-2020-6925:6927): What You Need to Know

HP released a security bulletin on Sept. 25, 2020, disclosing a set of vulnerabilities in HP Device Manager.

5 min Research

Microsoft Exchange 2010 End of Support and Overall Patching Study

Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date.

3 min InsightVM

Decentralize Remediation Efforts to Gain More Efficiency with InsightVM

We’re excited to introduce you to two new InsightVM product updates to help you further reduce friction, save time, and gain greater efficiency.

2 min Vulnerability Management

CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.

3 min Vulnerability Management

Vulnerability Remediation vs. Mitigation: What’s the Difference?

In this blog, we dive into better understanding the difference between vulnerability mitigation vs. remediation.

4 min InsightVM

How to Track and Remediate Default Account Vulnerabilities in InsightVM

In this blog post, we discuss older, lesser-known features that can still provide amazing value in your vulnerability management program using InsightVM.