This month, Fortinet released a significant security update that addressed multiple vulnerabilities. This addresses issues across its product portfolio, including FortiOS, FortiProxy, FortiManager, and FortiAnalyzer. Such disclosures are not uncommon. However, they pose a challenge to network and security professionals striving to secure their networks. Already overwhelmed, news of new vulnerabilities might not even cut […]
Originally published in Network Computing on December 26, 2024 Cyber resilience is crucial as organizations realize that attacks are inevitable. In 2024, 94% of cloud users experienced threats monthly, with 62% of those successfully compromised. Network devices are often overlooked in cyber resilience discussions, despite their importance to business operations. This piece explores why cyber
In today’s network-dependent world, resilient infrastructure is crucial for uninterrupted business operations despite disruptions. However, network engineers face growing challenges as cybercriminals leverage artificial intelligence (AI) to exploit vulnerabilities quickly. In 2023, the average time to exploit a vulnerability was just 44 days, with 25% of vulnerabilities exploited on the same day they were discovered
Originally published in VMblog on October 10, 2024 The importance of cyber resilience for network infrastructure cannot be overstated. Networks are essential for the digital landscape, and any disruption can significantly impact business operations. Threat actors are increasingly skilled at exploiting vulnerabilities, with attackers in 2023 averaging just 44 days to exploit known issues, and
Originally published on August 7, 2024 by Packet Pushers and edited for length and clarity This discussion concerns network configuration compliance in the face of never-ending common vulnerabilities and exposures, or CVEs. If you can automate that compliance, you have a shot at keeping pace with the bots attacking those CVEs and attempting to breach
Insert at the top: Originally published on August 6, 2024, by CyberRisk TV and edited for length and clarity. This discussion focuses on the disconnect between security monitoring, which has become more mature over the years, and remediating security vulnerabilities, which are still stuck in the Dark Ages. My guest is Rekha Shenoy, who will
This blog series spotlights real-world moments in which network engineers use BackBox security-centric automation to save their organizations from costly downtime and surprises. Synopsis A Managed Service Provider (MSP) customer faced an urgent need to activate licenses across 92 Palo Alto firewalls. To make matters more challenging, this had to be accomplished within two days,
The US Cyber Information Security Agency in ST18-001 warns that Network infrastructure devices are often easy targets for attackers. Among the steps they point to for keeping infrastructure secure, they suggest that network infrastructure device’s OS be kept up to date because patches often contain security vulnerability fixes. In contrast to this, many teams we