What Are Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS)?

CVE and CVSS featured

It seems like new vulnerabilities enter the mainstream every day. With the recent Log4Shell bug attracting significant attention as one of the worst vulnerabilities known to cybersecurity, many businesses are scrambling to understand their exposure and how the cybersecurity industry is responding. One way to understand these vulnerabilities is to look at security databases and classifications. Two of the most widespread frameworks for classifying and ranking vulnerabilities are the Common Vulnerabilities Exposures and Common Vulnerability Scoring Systems.

 

Read More

Why Is Penetration Testing Important for Compliance?

Why is Penetration Testing Important?

When we think of hacking, we think of foreign agents or thieves undermining cybersecurity. But ethical hackers have served an important role in uncovering security vulnerabilities before they are exploited by malicious parties. The practice of penetration testing is one of the most tried-and-true forms of security testing available, and one that many cybersecurity regulations require for compliance. 

Here we provide an introduction to penetration testing and its role in compliance. The fact is that most security frameworks either require or suggest some form of penetration testing… and for good reason. 

Read More