What is a Zero-Day Vulnerability and How Can It Impact Businesses?

Cyware | February 09, 2020

A zero-day vulnerability is a weakness within a computer network or software program that is unknown to its developers. The term ‘zero’ indicates the same-day window in which exploits often occur. Zero-day attacks come without warning. Such attacks can pose a high risk for a company or business if appropriate actions are not taken at the right time. It can even lead to loss of millions of dollars and put untold volumes of private info at risk. A zero-day vulnerability is a weakness within a computer network or software program that is unknown to the developers or parties responsible for patching the flaw. The term ‘zero’ here indicates the same-day window in which exploits often occur. For example, a global site host has released an updated version of the platform on a specific day.

Spotlight

Cyber security risk exists throughout an organization through its people, process, and technology. Where is information stored? What are the external threats to that information? How can that information be accessed internally? What are your internal threats? Have you considered the environmental threats to your information? To protect its information, it is imperative for the organization to be able to answer these questions. Then, the organization can begin the process of mitigating its cyber security risk.


Other News
SOFTWARE SECURITY

GrammaTech and T.E.N. Announce Call for Nominations for Product Security Executive of the Year Awards

GrammaTech | August 16, 2022

GrammaTech, a leading provider of application security testing products and software research services, and T.E.N., founder of the Information Security Executive® (ISE®) of the Year Awards, today announced the Product Security Executive (PSE) of the Year Awards. This annual competition will recognize individuals whose contributions have delivered advancements in security for embedded or commercial software products. Nominations are now being accepted through October 10, 2022 at The judging panel includes: Edna Conway, Vice President, Security & Risk Officer, Cloud Infrastructure at Microsoft, former CSO, Cisco Global Value Chain and a member of the Executive Committee of the U.S. Department of Homeland Security Task Force on ICT Supply Chain Risk Management. Malcolm Harkins, Chief Security & Trust Officer with Epiphany Systems, former Chief Security and Privacy Officer (CSPO) and the first CISO at Intel Corporation. Troy Rydman, Senior Practice Leader - Global Strategic Accounts, Security, Risk, & Compliance for Amazon Web Services (AWS) and former cybersecurity executive with Silicon Valley Bank, with fourteen years of increasing cybersecurity leadership. “In a world of increasingly autonomous products, from cars to appliances to robots, managing the integrity of the software that enables our connected world is critical. The Product Security Executives who drive quality, security and safety of our many devices are pivotal to the digital economy. “It is time to recognize these individuals and the significant contributions they make in securing the software at the heart of our hyper-connected world.” Edna Conway, VP, Security & Risk Officer, Microsoft Cloud Infrastructure Eligibility U.S.-based executives, including those with director, vice president, chief product security officer or similar titles, who are responsible for product security management are eligible for consideration. This includes individuals overseeing security at all stages of the product development lifecycle for software, firmware and/or embedded code; as well as secure product design, risk and vulnerability management and standards/regulatory compliance. There is no cost to enter. “There’s an increased emphasis on maintaining the safety and security of embedded software across virtually all industries, which is becoming the responsibility of a Product Security Executive whether or not the title exists,” said Andrew Meyer, Chief Marketing Officer for GrammaTech. “We collaborated with T.E.N. to create this award competition and recognize the men and women on the front lines of this new discipline, honor their accomplishments and share their best practices with the industry.” “The number of IoT devices is in the billions and we will continue to see an ever-growing number of devices become smart and connected,” explains Marci McCarthy, CEO and President of T.E.N. “Every device is at risk for cyberattacks, and threat actors are taking advantage of every opportunity to exploit product security vulnerabilities. Demand for product security has thus grown across multiple industries, especially consumer electronics, automotive and healthcare. Because product security is a relatively new concept whose time has come, we are thrilled to partner with GrammaTech to recognize individuals for advancements and innovations leading to more secure products going to market.” About T.E.N. T.E.N. is an award-winning technology and security networking and marketing firm that hosts relationship-building events between top Information Security executives, industry pioneers and innovative solution providers within the cybersecurity industry. Its flagship program, the nationally acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals, honoring both leading executives and deserving project teams. About GrammaTech GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers.

Read More

SOFTWARE SECURITY

Red Canary and Palo Alto Networks expand collaboration to provide detection and response across security landscape

Red Canary | July 08, 2022

Red Canary, the Managed Detection and Response (MDR) trailblazer, has expanded its collaboration with industry leader Palo Alto Networks to help deliver on a bold vision: unifying threat investigation across a wide range of Palo Alto Networks products. To help achieve this goal Red Canary is now a part of the Palo Alto Networks Cortex® MSSP partner program. Today, Red Canary MDR supports Palo Alto Networks firewalls by integrating with PAN-OS version 9 and higher. This integration allows security alerts and event data generated by firewall appliances to feed into the Red Canary MDR platform for further investigation and remediation. Red Canary is working with Palo Alto Networks as an MDR partner for the Cortex XDR product, which includes built-in endpoint protection. While many MDR offerings simply ingest alerts generated by endpoint security tools, Red Canary is working toward being able to ingest raw telemetry as well as alerts from the Cortex XDR endpoint agent. Red Canary anticipates this will allow it to reduce false positives by up to 99% and significantly increase the detection of confirmed threats compared to what endpoint security tools can identify on their own. "The detailed endpoint telemetry generated by Cortex XDR enables leading scores in actual hands-on tests, such as MITRE's recent ATT&CK® evaluation," said Rick Caccia, SVP of Marketing for Palo Alto Networks. "Red Canary's ability to manage and analyze large volumes of endpoint, network, and other types of telemetry will make them an ideal partner for solving customers' most pressing security challenges. Together, we can help protect organizations from ransomware, phishing, and other modern threats." To complete our vision of unifying threat investigation across the Palo Alto Networks product line, Red Canary is also developing integrations for Prisma® Cloud, Threat Prevention, and the WildFire Analysis Environment. Red Canary's MDR everywhere strategy allows events from Palo Alto Networks products to be combined with multi-vendor events in a unified timeline. To learn more, visit https://redcanary.com/cyber-threat-investigation/. "Red Canary is meeting customer demand for security across the modern IT environment by integrating alert data from network, identity, and SaaS applications – all in a unified timeline. Our collaboration with Palo Alto Networks layers best-in-class managed detection and response across an industry-leading portfolio of cybersecurity solutions. The result is more choice and better security for our customers." Chris Rothe, CTO, Red Canary About Red Canary Red Canary stops cyber threats no one else does so organizations can fearlessly pursue their missions. The company's managed detection and response (MDR) solution works across enterprise endpoints, cloud workloads, network, identities, and SaaS apps. Red Canary operates as a security ally for customers and partners by providing unlimited 24×7 support, deep threat expertise and hands-on remediation to prevent threats from turning into business-defining incidents.

Read More

SOFTWARE SECURITY

Whistic Announces Support of Google’s Minimum Viable Secure Product Framework

Whistic | May 23, 2022

Today, Whistic, the proactive vendor security network for both buyers and sellers, announced support for the Minimum Viable Secure Product (MVSP) framework, a security baseline developed by Google in a collaborative effort with Okta, Slack, and Salesforce. Until the introduction of MVSP, there was no commonly accepted baseline available among security professionals that indicated the importance of security controls. With MVSP, vendors can demonstrate to their customers that they are meeting, at a minimum, the baseline of security as outlined by some of the industry’s top security professionals. “We believe a vendor-neutral security baseline is an important step in establishing minimum acceptable security requirements for enterprise software and services. “By assuring enterprise solutions include the core security building blocks, we can work to reduce third-party risk, and promote security as a key part of the product development lifecycle.” Chris John Riley, Senior Security Engineer at Google Vendors that utilize Whistic to share security documentation via the MVSP help streamline and accelerate the security review process for their customers, helping them to rapidly understand the vendor’s security posture. “Enabling companies to showcase their security posture using the MVSP and other industry frameworks is a key step toward ensuring transparent relationships between vendors and their customers,” stated Nick Sorensen, Whistic CEO. “In addition to announcing support of MVSP, we recently launched Whistic Basic Profile that enables any business regardless of size to proactively share their security posture with customers and publish it to the Whistic Vendor Security Network for free.” Basic Profile allows vendors to self-assess against industry standard frameworks, including MVSP. It also includes a limited number of Profile shares, and the ability to publish to the Whistic Trust Catalog, enabling Whistic customers to conduct Zero-Touch Assessments of the vendor’s security posture. “Okta has already added MVSP to our Whistic Profile and we look forward to seeing more and more of our vendors adopt this baseline in their Profiles,” said Gen Buckley, Director, Customer Assurance Customer Trust at Okta Security and founding committee member of MVSP. “We are always looking for ways to streamline our vendor security reviews and drive a more secure ecosystem, and MVSP helps accomplish that while also promoting transparency and collaboration between vendors and customers.” Marat Vyshegorodtsev, Enterprise Security JAPAC representative at Salesforce adds, “Organizations of all sizes often purchase dozens of software products managed by third parties. The onboarding process alone can take weeks or months, especially when it comes to vetting the security posture for each. MVSP helps solve this—it standardizes this process and eliminates overhead, complexity, and confusion for both parties while ensuring the minimum-security requirements.” About Whistic Located in the heart of the Silicon Slopes in Utah, Whistic is the network for assessing, publishing, and sharing vendor security information. The Whistic Vendor Security Network accelerates the vendor assessment process by enabling businesses to access and evaluate a vendor’s Whistic Profile and create trusted connections that last well beyond the initial assessment. Make security your competitive advantage and join businesses like Airbnb, Okta, Betterment, and Atlassian who are leveraging Whistic to modernize their vendor security programs.

Read More

SOFTWARE SECURITY

JFrog Integrates with ServiceNow to Improve Software Security Vulnerability Response Times with “ServiceOps”

JFrog | May 27, 2022

JFrog Ltd. , the Liquid Software company and creators of the JFrog DevOps Platform, today unveiled new integrations for JFrog Xray with ServiceNow’s Lightstep Incident Response and Spoke products for IT Service Management. Available immediately, the JFrog Xray integrations with ServiceNow (NYSE: NOW) provide IT leaders with real-time insights on security vulnerabilities and compliance issues to quickly engage necessary team members from across the organization for more immediate response and remediation. “Successfully securing the software supply chain at the speed of business is a team sport, requiring efficient, cross-team collaboration for timely security incident remediation. Our integration with ServiceNow aims to change the relationship between developers and the rest of the business, so they can maintain the speed and frequency of releases, while avoiding downtime and loss of trust from end customers." Shlomi Ben Haim, Co-Founder and CEO, JFrog The new integration enables IT teams to proactively address security issues before they become major concerns. The combination of JFrog Xray and ServiceNow delivers a robust software composition analysis (SCA) tool that can quickly scan binaries for vulnerabilities and license compliance issues, then share those insights with the appropriate parties across the organization. The JFrog Xray-ServiceNow solution is unique in that it helps DevOps engineers, site reliability engineers (SREs), IT system administrators, and others, more securely build, deploy, run, and monitor applications effortlessly, in a single view. It also enables real-time security alerts and insights with assigned actions across all the tools, people, and processes needed for timely resolution. JFrog Xray & ServiceNow: Delivering Incident Response & Enterprise-wide Workflow Design for Security Incidents Identifying and effectively responding to malicious attacks must transcend business units and operational functions. By improving real-time insight, collaboration, and communication amongst and between enterprise security and IT teams, the JFrog Xray-ServiceNow integrations ensure swift responses to emerging security threats. The JFrog Xray integration with Lightstep Incident Response enables developers, SREs, and Security Administrators to: Monitor, collect and respond to license compliance and security vulnerabilities impacting the software supply chain across all stages of the software development and release lifecycle. Streamline vulnerability response by pulling-in the right team members across the organization for faster remediation. The JFrog Xray Spoke for ServiceNow allows IT operations staff to: Generate violation reports, create ‘ignore rules’, re-scan builds, add custom item properties, and more. Automate workflows that meet audit demands and avoid penalties for improper use of code segments obtained from the open-source community. Identify problems earlier in the application development pipeline and incorporate change management solutions. For more information on the new JFrog Xray integrations for ServiceNow Lightstep Incident Response, read this blog or solution sheet. Further details on the JFrog Xray integration with Spoke can be found in this blog. You can also connect with JFrog and ServiceNow solution experts during swampUP 2022 taking place in San Diego, May 25 - 26, 2022. For more information and to register, visit https://swampup.jfrog.com/. About JFrog JFrog Ltd. , is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won’t go back.

Read More

Spotlight

Cyber security risk exists throughout an organization through its people, process, and technology. Where is information stored? What are the external threats to that information? How can that information be accessed internally? What are your internal threats? Have you considered the environmental threats to your information? To protect its information, it is imperative for the organization to be able to answer these questions. Then, the organization can begin the process of mitigating its cyber security risk.

Resources