Blog

Navigating vulnerability management and zero-day detection

19.Aug.2019

Outpost24

We understand that vulnerability detection is time critical and can impact how vulnerabilities are managed. To improve zero-day detection, organizations can use a vulnerability management solution to improve the time from detection to fixing a critical vulnerability by utilizing specialist intelligence and tools.

Vulnerabilities discovered by Outpost24 in Oracle WebCenter Sites

07.Aug.2019

Jonas Mattsson, Ghost Labs

This post explains how the vulnerabilities in Oracle Webcenter Site were found and how they can be exploited.

You can count on CARTA for a better security posture

23.Jul.2019

Davey Winder, security journalist

A Continuous Adaptive Risk and Trust Assessment (CARTA) approach to your security posture may not be a new thing, Gartner formalized the idea two years ago at its 2017 security summit, but neither is it an advisable one: it’s absolutely essential for organizations to adopt agile security

Infosecurity Europe 2019 infographic: Cyber resilience for application and cloud security

15.Jul.2019

Bob Egner, Head of Product

Check out our interactive infographic to see how your peers are managing their application and cloud security

How much is application pen testing truly costing?

03.Jul.2019

Simon Roe, Product Manager Outpost24

Penetration testing, or pen tests, can be a confusing subject and the costs can sometimes spiral beyond what you originally budgeted for without adding value. So, is application pen testing an effective way of keeping your critical applications protected or should you look at exploring other options?

There are security experts who insist penetration testing is essential for application security, and you leave yourself open to BIG risks if you don’t do it regularly. However, not knowing the entire end to end process can be a major stumbling block to getting the best value and, crucially, could have a big impact on your bottom line and overall business security.

Protecting what’s yours: data security in the cloud

13.May.2019

Davey Winder, security journalist

There can be no doubting that the cloud is no longer the future but rather the present for an ever-increasing number of organizations. Driven by factors such as digital transformation, operational efficiency, agility and cost savings, the cloud has proved to be something of a business no-brainer.

Cloud security tools: Understanding the differences between CASB, CSPM and CWPP

25.Apr.2019

Sergio Loureiro, Cloud Security Director

For the increasingly complex cloud migration across IaaS, PaaS and SaaS, Gartner came up with 3 different markets for cloud security assessment solutions, which leads to many questions about their differences and use cases to protect public cloud services.

Never trust, always verify: implementing a zero-trust strategy for your organization

11.Apr.2019

Davey Winder, security journalist

Cybersecurity is plagued by a surplus of buzzwords, but occasionally there is one which really is worth investigating further; zero-trust definitely falls into this latter category. So, just what is a zero-trust strategy and how do you implement one effectively in your organization?

Vulnerability discovered in gSOAP by Outpost24

01.Apr.2019

Kristian Varnai Pettersson, Senior Security Consultant at Ghost Labs by Outpost24

When performing a penetration test, there is usually something to be found and reported on. Every once in a while, there’s a client with such great security posture that there are simply no major issues in their web application. When this happens, it can mean only one thing: we need to go deeper!

A color-coded guide to pen testing

26.Feb.2019

Davey Winder, security journalist

Thanks mainly to an ever evolving threat landscape and regulators sharpening their teeth, cybersecurity has become a firm fixture on the agenda in boardrooms and in headlines of media reports alike. This has led, by and large, to a welcome increase in awareness of what 'good' cybersecurity is. With, perhaps, one important exception: mention penetration testing and brows furrow soon followed by the inevitable what's that and why is it relevant to my business question. Which is ironic, when you think about it, as testing the security of your applications, systems and processes is vital when the threats themselves are ever-changing.