|
Description:
|
|
Securing Management Interfaces - Likely your organization has some measures in place to implement physical security. This is likely tied to some risk equation which takes into account attack likelihood, the value of your assets, and the cost of such an attack. I've seen some really outstanding physical security, some really poor physical security, and mostly organizations implementing something in between. However, leaving gaps in the security of your management devices (access control server, console servers, on-board server management systems) is the equivalent of having almost zero physical security. It allows attackers to gain access to your systems, bypassing any logical security controls you may have in place. There is a fix for Dell's iDRAC system, which if left unlatched, gives attackers root access to the console server, which very quickly can translate into access to the server itself. The fixes for physical security are often expensive, but the fixes for management level access are usually cheaper and easier. Do most organizations miss this? Why? What can we do to raise awareness?
Database Security? - Patches this week were released for both Oracle and MySQL. Both of these applications come with challenges. you may have this on your network, and not know it because its embedded in the application that was purchased by a small department. Database administrators have enough challenges, and constant patching seems to rock their world. What can organizations do to improve the security of database architecture given current challenges.
Passive PVS PHP Plugins - Say that 10 time fast! Several new plugins were released to passively detect several issues with PHP, including a Backdoor script detection plugin and vulnerability data. Being able to detect indications of compromise, coupled with vulnerabilities is the heart of what Tenable products can deliver. |
.png)
More
Religion & Spirituality
Education
Arts and Design
Health
Fashion & Beauty
Government & Organizations
Kids & family
Music
News & Politics
Science & Medicine
Society & Culture
Sports & Recreation
TV & Film
Technology
Philosophy
Storytelling
Horror and Paranomal
True Crime
Leisure
Travel
Fiction
Crypto
Marketing
History
Comedy
Arts
Games & Hobbies
Business
Motivation