Blog

Fix now: High risk vulnerabilities at large, August 2020

12.Aug.2020

Simon Roe, Product Manager Outpost24

Since April 2020 we’ve been writing about the latest CVEs to look out for in our risk based vulnerability management blog. Going into August we are highlighting a CVE affecting a popular password vault – KeePass, along with a few interesting ones. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

Outpost24 Public GitHub Now Available

03.Aug.2020

Eren Cihangir, Sales Engineer at Outpost24

Hello, World! For the first time, Outpost24 is releasing public repositories in GitHub!

Fix now: High risk vulnerabilities at large, July 2020 part 3

28.Jul.2020

Simon Roe, Product Manager Outpost24

In the world of CVEs, we have seen a few interesting ones released in the last couple of weeks since our last risk based vulnerability management blog, including the recent big news SIGRed. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

Attack surface analysis explained: The 7 deadly vectors for web application attacks

22.Jul.2020

Stephane Konarkowski, Senior Security Consultant at Outpost24

Modern web applications are complex, it is often made up of many layers where potential flaws could appear making it hard to secure. That’s why it’s important to understand the key attack vectors hackers use to spot entry points and map your attack surface during reconnaissance and work back from there to protect your web application footprint.

Fix now: High risk vulnerabilities at large, July 2020 part 2

17.Jul.2020

Simon Roe, Product Manager Outpost24

In the world of CVEs, we have seen a few interesting ones released in the last couple of weeks since our last risk based vulnerability management blog, including the recent big news items affecting F5 BIGIP and Pan-OS. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

How Outpost24 Secures the SDLC

13.Jul.2020

Eren Cihangir, Sales Engineer at Outpost24

At Outpost24, we’re committed to providing information security testing solutions to not only fit seamlessly into the SDLC, but also to enhance our customers’ experiences in implementing and maintaining their best practices to ensure their SDLC leads to a strong security posture and comprehensive resiliency around their full stack.

Fix now: High risk vulnerabilities at large, July 2020

02.Jul.2020

Simon Roe, Product Manager Outpost24

In the world of vulnerabilities, we have seen a few interesting ones released in the last couple of weeks since our last Farsight risk-based vulnerability management blog in June, including some recently discovered by Palo Alto affecting D-Link Routers. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

What are Security Misconfigurations and how to prevent them?

30.Jun.2020

Sergio Loureiro, Cloud Director

Misconfigurations are often seen as an easy target, as it can be easy to detect on misconfigured web servers, cloud and applications and then becomes exploitable, causing significant harm and leading to catastrophic data leakage issues for enterprises like the 2019 Teletext exposure of 530,000 data files which was caused by an insecurely configured Amazon Web Service (AWS) web server.

Fix now: High risk vulnerabilities at large, June 2020 part 2

17.Jun.2020

Simon Roe, Product Manager Outpost24

In the world of vulnerabilities, we have seen a few interesting ones released in the last couple of weeks since our last Farsight risk based vulnerability management blog covering the CERT Top 10. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

Social distancing times are social engineering times

12.Jun.2020

Martin Jartelius, CSO, Outpost24

Recently, we encountered an attacker who had taken efficient spear-phishing to an interesting and increased level of consistency and automation. We’ve also seen firsthand the speed at which this attacker learned from some initial mistakes to launch their successful attack which we identify in the examples in this blog.