2023

CVSS v4.0 — An improvement or not?

The introduction of a new version typically implies an evolution, marked by improvements and the incorporation of novel features. In the specific context of the CVSS calculator, it becomes pertinent to scrutinize the extensive alterations made to its specifications.

November 29, 2023

What if you can’t trust the processor?

Processor — the pulsating core of every device, orchestrating the intricate dance of data and commands with unparalleled speed and precision. It serves as the nerve center, tirelessly executing a multitude of instructions to bring digital tasks to life. However, this very prowess renders it susceptible to vulnerabilities that have evolved alongside the relentless pursuit of performance.

November 19, 2023

So, you can’t patch a vulnerability, now what? (part 2)

Safeguarding your organization’s systems and software from the exploitation of vulnerabilities is undeniably a paramount concern in the realm of cybersecurity. This imperative task necessitates a multifaceted approach, with the central pillars being the installation of security patches and the fine-tuning of configuration settings. However, it’s crucial to acknowledge that...

November 12, 2023

Hey data scientist, are you really listening to the security data?

Protecting your company against the evolving landscape of both current and past threats is a formidable challenge, one that some consider insurmountable. However, it’s crucial to remember that while it may be a daunting task, it should not be perceived as impossible. In fact, it’s imperative to recognize that modern security strategies need to adapt to the ever-changing nature of cyber threats. This adaptation relies on the effective utilization of data generated by security controls, a process that transforms raw data into actionable events.

October 29, 2023

The ‘lazy’ SOC model

In the contemporary landscape, the paramount importance of security is becoming increasingly evident, casting a spotlight on the escalating workload of the SOC. This burgeoning workload is characterized not only by a surge in the sheer volume of requests and inquiries but also by the growing intricacy of security challenges. In this dynamic environment, when a security incident unfolds, there is an implicit expectation for the SOC to respond promptly and with pinpoint accuracy. Simultaneously, the SOC grapples with a persistent conundrum exacerbated by a global shortage of highly skilled security professionals — recruitment and retention.

October 22, 2023

Do you really need a dedicated SOC for the OT-environment?

If you adhere strictly to the Purdue model, your OT environment will consist exclusively of the essential devices required for seamless factory operations, effectively mitigating IT-related threats. However, as is often the case, theory and practice diverge. In reality, the situation is more intricate. Let’s delve into the myriad facets of this issue to help you determine the optimal approach for your environment.

September 17, 2023

How to provide more value as a vulnerability specialist to the business?

As a vulnerability specialist, it is your job to discover all known vulnerabilities, and that on its own is already challenging. But if you merely provide a report of the discovered known vulnerabilities, including steps on how to remediate them, you may wonder whether you are indeed providing value to the business. Remember, if you have set up the right processes and configured the technology correctly, you are sitting on a pot of gold (high-value data). The logical question, therefore, is what you should be doing as a vulnerability specialist to deliver true value to the business.

June 11, 2023

Are you really remediating all the discovered vulnerabilities?

According to an article published by PCMag, LastPass was breached in 2022 through a 3-year-old vulnerability! You would expect a security vendor to remediate all discovered vulnerabilities swiftly. But that on its own raises a few questions, such as ‘Do you really scan all your assets?’ and ‘Do you really track remediation efforts?’. These are questions that every CISO/Security Manager should be asking their vulnerability scanning team. But is it that simple?

March 5, 2023