Slándáil Research:
Feeds
Feeds
Search
Search Engine
Feed: Qualys Security Blog
Link
Meeting FISMA (M-24-04) Requirements with a Unified Attack Surface Management Strategy
Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt a Threat-Informed Defense to Reduce Risk
Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk
Navigating Evolving Cybersecurity: Recent Trends and Future Outlook
De-risking Your Organization in Spite of NVD Delays
Upgrade Your Cybersecurity Program to a Threat-Informed Defense Approach With Qualys
Top MITRE ATT&CK Tactics and Techniques Leveraged in 2023
Microsoft Patch Tuesday, March 2024 Security Update Review
Microsoft and Adobe Patch Tuesday, March 2024 Security Update Review
Qualys Updates Login Page to Improve User Experience and Highlight Latest Qualys News
Achieving NIST CSF 2.0 Top Tier Adaptable Status
A Comprehensive Assessment of the General Personal Data Protection Law (LGPD)
TruRisk™️ Insights – The Story Behind a TruRisk Score
Ransomware Reality Check: Deciphering Priorities in a Sea of Cyber Extortion
Microsoft Patch Tuesday, February 2024 Security Update Review
Microsoft and Adobe Patch Tuesday, February 2024 Security Update Review
CSAM Drives Accurate TruRisk Scoring with EoL/EoS, Unauthorized Software, and Missing Security Agents
Announcing TotalCloud™ 2.0 with TruRisk™ Insights: The Future of Cloud and SaaS Security
CSAM Strengthens Attack Surface Coverage and Risk Assessment With Third-Party Connectors
Identify and De-Risk Unmanaged, Unauthorized Devices With Qualys CyberSecurity Asset Management (CSAM)
Identify and De-risk Unmanaged, Unauthorized Devices With Qualys CyberSecurity Asset Management (CSAM)
Qualys Patch Management: A Review of New Features in 2023 for Faster Elimination of Cyber Risk
Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()
Advancing Cybersecurity Management With Qualys Cloud Agent
Cybersecurity Must De-Risk the Business
Upgrade to New UI of Qualys Web Application Scanning (WAS): Bringing You Enhanced Web Application Security
Qualys WAS Unveils New Features in an Upgraded User Interface
Announcing the Newest Game-Changing Upgrades of Qualys Cloud Agent
Reduce Risk Faster With the Qualys Risk Reduction Recommendation Report
Oracle Patch Update, January 2024 Security Update Review
Detect and Manage the Risk of Apache Struts (CVE-2023-50164) Comprehensively
TotalCloud Insights: Crafting Effective Indicators of Compromise (IoCs) for Sub-domain Takeover Risk Detection
Dual Zero-Day Threats in Ivanti Connect Secure and Policy Secure Gateways – CVE-2023-46805 and CVE-2024-21887
Facebook Job Scam
Microsoft Patch Tuesday, January 2024 Security Update Review
Microsoft and Adobe Patch Tuesday, January 2024 Security Update Review
Qualys and Microsoft Sunset Embedded Integration of Qualys Solutions for Microsoft Defender for Cloud
Yet Another Apache Struts 2 Vulnerability – CVE-2023-50164
SSH Attack Surface (CVE-2023-48795): Find and Patch With CyberSecurity Asset Management Before the Grinch Arrives
2023 Threat Landscape Year in Review: Part One
2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is
Hidden Risks of Amazon S3 Misconfigurations
TotalCloud Insights: Hidden Risks of Amazon S3 Misconfigurations
Microsoft Patch Tuesday, December 2023 Security Update Review
Microsoft and Adobe Patch Tuesday, December 2023 Security Update Review
Building an AppSec Program with Qualys WAS – Additional Configurations and Review & Confirm
An Easy and Effective Strategy To Shield Your Business From Ransomware
OpenCMS Unauthenticated XXE Vulnerability (CVE-2023-42344)
Building an AppSec Program with Qualys WAS -Introduction and Configuring a Web Application or API: Default Scan Settings
Closing the Visibility Gap: How Qualys Cloud Agent Passive Sensor (CAPS) Eliminates Blind Spots Without the Hassle
Unveiling the Deceptive Dance: Phobos Ransomware Masquerading As VX-Underground
Atlassian Confluence Broken Access Control Vulnerability (CVE-2023-22515)
Microsoft and Adobe Patch Tuesday, November 2023 Security Update Review
QSC23 – Qualys Announces a Directional Shift to Measure, Communicate, and Eliminate Cyber Risk with New Platform and Solutions
De-risking in Practice: How Qualys Customers are Driving Value in Their Organizations
Leveraging AI-informed Cybersecurity to Measure, Communicate, and Eliminate Cyber Risk
Effectively Measure, Communicate, and Eliminate Cloud Risks with TotalCloud 2.0
Effectively Measure, Communicate, and Eliminate Cloud Risks with TotalCloud
Cybersecurity at a Crossroads: New Implications on Business Risk
CVSS v4 is now Live and What do you need to know?
CVSS v4 Is Now Live and What You Need To Know About It
Explaining the Business Value of Qualys Enterprise TruRisk Platform to Your Leadership
Qualys API Best Practices: Policy Compliance – Posture Streaming (PCRS) API
PCI DSS 4.0: How to Ensure Full Compliance with New Requirements
Qualys API Best Practices: Web Application Scanning API
Dear Customers: Stay secure this holiday season with FREE Qualys Endpoint Security!
Safeguard Your Organization this Holiday Season with Endpoint Security from Qualys
Building an AppSec Program with Qualys WAS – Configuring a Web Application or API: Crawl Settings
Qualys Named a Leader in KuppingerCole CSPM Report
Oracle Patch Tuesday, October 2023 Security Update Review
Critical Cisco 0day Exploited – Do you have Blind Spots in your Risk Management?
Building an AppSec Program with Qualys WAS – Part 1
Building an AppSec Program with Qualys WAS – Introduction
Discover and Assess the Risk of Embedded Open-Source Software (OSS) Vulnerabilities
Qualys FIM Playbook for PCI 4.0
How does Qualys TotalCloud prevent secret leaks for Containers?
CVE-2023-44487 HTTP/2 Rapid Reset Attack
Microsoft Patch Tuesday, October 2023 Security Update Review
Microsoft and Adobe Patch Tuesday, October 2023 Security Update Review
The Qualys Security Conference Mumbai: That’s a Wrap!
Curl 8.4.0 – Proactively Identifying Potential Vulnerable Assets
Achieving DORA Compliance with Qualys: A Comprehensive Approach
PCI DSS 4.0 FIM Requirements Simplified with Qualys File Integrity Monitoring
CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so
Latest Trend in Mac Vulnerabilities and How to Efficiently Address Them
Qualys Named a Market Leader in GigaOm Radar Report for Application Security Testing
Mitigating Risk with Custom First-Party Software and Application Components: A CISOs’ Guide
Qualys Survey of Top 10 Exploited Vulnerabilities in 2023
The MGM Cybersecurity Breach: Learnings and Prevention Measures
Qualys Is the Outperformer in the New GigaOm Radar Report for Continuous Vulnerability Management
Microsoft Patch Tuesday, September 2023 Security Update Review
Microsoft and Adobe Patch Tuesday, September 2023 Security Update Review
Risk Fact #5: Keeping the Pace of Remediation at Cloud Scale Requires Automation
Qualys Top 20 Exploited Vulnerabilities
Qualys Top 20 Most Exploited Vulnerabilities
Elevate Your Security Posture: Implementing CIS Top 18 Controls Through Qualys Cloud Platform
Risk Fact #4: Malware in your Cloud means Exploitation is underway
Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities
Risk Fact #3: Weaponized Vulnerabilities Give Attackers a Key to Your Cloud
Risk Fact #3: External-Facing Vulnerabilities Cloud Security Research Risk Fact
Part III: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically
Risk Fact #2: External-Facing Vulnerabilities Are Low-Hanging Fruit for Attackers
Risk Fact #2: Weaponized Vulnerabilities Cloud Security Research Risk Fact
Microsoft Patch Tuesday, August 2023 Security Update Review
Microsoft and Adobe Patch Tuesday, August 2023 Security Update Review
Ensuring Compliance with DORA: How Qualys Solutions Can Help
Qualys Expands Cloud Platform for First-Party Application Risk Detection and Remediation
Risk Fact #1: Cloud Misconfigurations Enable Exploitation by Attackers
Beating the Challenge of Cloud Detection and Response with Qualys TotalCloud Deep Learning AI
Risk Fact #1: Cloud Migration Exploitation Cloud Security Research Risk Fact
Part II: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically
Who Protects PII – Consumers or Companies?
Add Unique Asset Context with Custom Attributes in CSAM
Part I: Implementing Effective Cyber Security Metrics That Reduce Risk Realistically
Oracle Patch Tuesday, July 2023 Security Update Review
CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent
Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)
Evaluate Your Windows Endpoints for Storm-0978 Activity With Qualys Endpoint Security
Microsoft and Adobe Patch Tuesday, July 2023 Security Update Review
An In-Depth Look at the Latest Vulnerability Threat Landscape (Part 1)
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape
How Qualys Drives PCI DSS 4.0 Compliance for File Integrity Monitoring
Qualys Performance Tuning Series: Qualys Cloud Agent Configuration Best Practice
Supporting Our U.S. Federal Customers for BOD 23–02 by Mitigating the Risk From Internet-Exposed Management Interfaces
Qualys Responds to CISA Alert: Binding Operational Directive 23-02
CVSSv4 Public Preview Announcement
Microsoft Patch Tuesday, June 2023 Security Update Review
Microsoft and Adobe Patch Tuesday, June 2023 Security Update Review
Empower Your Security Team With Our Robust Script Library
Progress MOVEit Transfer Vulnerability Being Actively Exploited
Behind the Screen: Three Vulnerabilities in RenderDoc
TotalCloud Empowered with CloudView Integration
Qualys Gateway Service now available in AWS, Azure, and Google Cloud Marketplaces
New Strain of Sotdas Malware Discovered
Adopting an Effective and Easy To Implement Zero Trust Architecture
New TSA Cybersecurity Emergency Action Rule Impacts Cybersecurity and Compliance
Microsoft Patch Tuesday, May 2023 Security Update Review
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
Qualys Virtual Cyber Risk Summit: That’s a Wrap!
Qualys Launches Inaugural Cyber Risk Summit to Share Expert Insights
Qualys Security Solutions Now Support Alibaba Cloud
Oracle Patch Tuesday April 2023 Security Update Review
Qualys Security Updates: Cloud Agent for Windows and Mac
Microsoft and Adobe Patch Tuesday April 2023 Security Update Review
3CXDesktopApp Backdoored in a Suspected Lazarus Campaign
Augment Security Asset Tagging with Custom Assessment and Remediation (CAR)
Risk Fact #5: Infrastructure Misconfigurations Open the Door to Ransomware
Risk Fact #4: Misconfigurations Still Prevalent in Web Applications
Risk-based Vulnerability Management Combined With A Cyber Risk Management Platform
Risk Fact #3: Initial Access Brokers Attack What Organizations Ignore
Risk Fact #2: Automation Is the Difference Between Success and Failure
Risk Fact #1: Speed Is the Key to Out-Maneuvering Adversaries
ACSC Essential 8 Cybersecurity Strategies, Maturity Levels, and Best Practices
A New Approach to Discover, Monitor, and Reduce Your Modern Web Attack Surface
Staying Ahead of Ransomware Threats
The March 2023 Patch Tuesday Security Update Review
Qualys VMDR & Jira Integration Now Available
What’s Next After Log4Shell?
Automating Vulnerability Management with Qualys VMDR & ServiceNow
Forta GoAnywhere Zero-Day Exploited By Threat Actors
The February 2023 Patch Tuesday Security Update Review
Don’t forget about risk remediation of your macOS assets
Real-Time Defense of Multi-Cloud Environments From Malicious Attacks and Threats
Announcing General Availability of Qualys TotalCloud
Blind SQL Injection – Content-Based, Time-Based Approaches
Introducing Enterprise TruRisk Management from Qualys
Introducing Qualys ML-Based Threat Intelligence
Launching Qualys Cloud Threat Database
Ransomware Targets Outdated VMware ESXi Hypervisors: Protect Your Systems Now!
macOS Patching Is Here!
Is your FIM Solution Cost and Time Efficient?
CVE-2023-25136: Pre-Auth Double Free Vulnerability in OpenSSH Server 9.1
Why FedRAMP High Authorization Can Ensure High Cybersecurity Maturity
Qualys – An Industry Leader in Security Configuration Assessment Space
Managing Security Configuration Risk with the Most Comprehensive Configuration Compliance Solution!
The January 2023 Oracle Critical Patch Update
Detection of Vulnerabilities in JavaScript Libraries
The January 2023 Patch Tuesday Security Update Review
Driving CISA Compliance with Qualys
Implement Risk-Based Vulnerability Management with Qualys TruRisk™: Part 3
BitRAT Now Sharing Sensitive Bank Data as a Lure
Qualys Threat Research Unit: Threat Thursdays, December 2022
Implement Risk-Based Vulnerability Management with Qualys TruRisk™ : Part 2
The December 2022 Patch Tuesday Security Update Review
Dissecting the Empire C2 Framework
Operationalizing Qualys VMDR With Qualys TruRisk™ – Part 1
Implement Risk-based VM with Qualys TruRisk™ – Part 1
Implement Risk-Based Vulnerability Management with Qualys TruRisk™ : Part 1
The 9th Google Chrome Zero-Day Threat this Year – Again Just Before the Weekend
Out-of-Band Detections Using Qualys Periscope
Identify Server-Side Attacks Using Qualys Periscope
Effective Vulnerability Management with SSVC and Qualys TruRisk
Effective Vulnerability Management with Stakeholder Specific Vulnerability Categorization (SSVC) and Qualys TruRisk
Race condition in snap-confine’s must_mkdir_and_open_with_perms() (CVE-2022-3328)
Snapd Race Condition Vulnerability in snap-confine’s must_mkdir_and_open_with_perms() (CVE-2022-3328)
Qualys Broadens Security Offerings for Oracle Cloud Infrastructure
Qualys Broadens Security Offerings for Oracle Cloud Infrastructure
Don’t Spend Your Holiday Season Patching Chrome
Ease Your Cybersecurity Maturity Model Certification Journey With Qualys
QSC 2022: That’s a Wrap!
QSC 2022: Listening to the Voice of the Customer
QSC 2022: Qualys’ Threat Research Unit (TRU) – Our Shield Is Your Shield
QSC 2022 Day 1 Recap: Qualys Gives Organizations More Security in an Ever-Expanding Threat Landscape
QSC 2022 Kickoff: Quantifying and Qualifying Digital Cyber Risks
November 2022 Patch Tuesday | Microsoft Releases 65 Unique Vulnerabilities with 10 Critical.
November 2022 Patch Tuesday | Microsoft Releases 65 Unique Vulnerabilities with 10 Critical; Adobe Releases 0 Advisories (for the first time in six years).
November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities with 10 Critical; Adobe Releases 0 Advisories (for the first time in six years).
November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities with 10 Critical; Adobe Releases Zero Advisories (for the first time in six years).
Get Your Patch Tuesday Vulnerabilities Patched on Tuesday
OpenSSL Vulnerability Recap
Why Is Snapshot Scanning Not Enough?
Introducing TotalCloud – Cloud Security Simplified
Qualys Research Alert: Prepare for a Critical Vulnerability in OpenSSL 3.0
Qualys Research Alert: OpenSSL 3.0.7 – What You Need To Know
New Chrome Zero Day (again). Qualys can automate your browsers patching
Don’t spend another weekend patching Chrome
Chrome Zero Day – Just Before the Weekend (again)
Qualys Research Team: Threat Thursdays, October 2022
Text4shell: Detect, Prioritize and Remediate The Risk Across On-premise, Cloud, Container Environment Using Qualys Platform
Text4Shell: Detect, Prioritize and Remediate The Risk Across On-premise, Cloud, Container Environment Using Qualys Platform
Join Us November 7-10 for Qualys Security Conference 2022 Las Vegas!
Fingerprinting Web Applications and APIs using Qualys Web Application Scanning
Leeloo Multipath: Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973)
CVE-2022-44889: Detect Text4Shell
CVE-2022-42889: Detect Text4Shell via Qualys Container Security
CISA BOD 23-01: Meeting and Exceeding CISA Requirements with Qualys
Not Your Average FIM: Why Customers Choose Qualys FIM
Creating Awareness of External JavaScript Libraries in Web Applications
Award-winning Qualys Vulnerability and Compliance Solution now available on IBM zSystems & LinuxONE
JSON Web Token (JWT) Weaknesses
JSON Web Token (JWT) Weaknesses
October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based)
October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 29 Vulnerabilities with 17 Critical.
In-Depth Look Into Data-Driven Science Behind Qualys TruRisk
NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
Qualys Performance Tuning Series – Remove Stale Assets for Best Performance
WhatsApp Fixed Critical Vulnerabilities That Could Let an Attacker Hack Devices Remotely – Automatically Discover and Remediate Using VMDR Mobile
WhatsApp Fixed Critical Vulnerabilities that Could Let an Attacker Hack Devices Remotely – Automatically Discover and Remediate Using VMDR Mobile
Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Platform
Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Cloud Platform
Spelunking Your Qualys Data with Splunk
Qualys Threat Research Thursday
Remediate Your Vulnerable Lenovo Systems with Qualys Custom Assessment and Remediation
Optimizing a Web Application Security Scan for bWAPP
Prepare Your Organization for Compliance with the NYDFS Cybersecurity Regulation
Why Organizations Struggle with Patch Management (and What to Do about It)
September 2022 Patch Tuesday | Microsoft Releases 63 Vulnerabilities with 5 Critical, plus 16 Microsoft Edge (Chromium-Based); Adobe Releases 7 Advisories, 63 Vulnerabilities with 35 Critical.
Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications
Introducing Qualys Threat Research Thursdays
An End-to-End Approach to Next-Gen Security for Web Applications & APIs