Filter By:

Recent Blogs & Podcasts


\ Enterprise Software 

August 18, 2017 | Vulnerability Assessment and Management
By Josh More, IANS Faculty

 Take an Effort-Based Approach to Vulnerability Management

Traditional risk-only based approaches to vulnerability management often lead to conflicts between security and the business, each of which has difficulty understanding the priorities and motivations of the other. In this Ask-an-Expert written response, IANS Faculty Josh More explains how an effort-based approach can side-step such issues, improving security while fostering better relations with the business.

Read More »

August 17, 2017 | Vulnerability Assessment and Management
By Kevin Beaver, IANS Faculty

 Expand Vulnerability Scanning and Assessments in a Highly Regulated, Tightly Staffed Environment

Vulnerability management within a large, highly regulated environment is time-consuming and complicated. In this live Ask-an-Expert written interaction, IANS Faculty Kevin Beaver suggests leveraging a current MSSP relationship to improve visibility, expand capabilities and get a jump start on better managing the process.

Read More »

July 15, 2017 | Networking and Network Devices
By Chris Gonsalves, IANS Director of Technology Research

 Patch Now: Cisco Closes Nine Serious SNMP Holes in IOS, IOS-XE

Cisco Systems this week issued patches for a series of critical SNMP vulnerabilities in its popular IOS and IOS-XE network infrastructure software. The nine publicly disclosed security flaws could enable an unauthenticated attacker to run remote code on – or take complete control of – target systems

Read More »

January 12, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q4 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »

November 17, 2016 | Encryption, Digital Signatures, Certificates, Tokenization
By Ken Van Wyk, IANS Faculty

 Van Wyk: Email Privacy Expectations Not Aligned With Current Technology, Practices

No matter whom you voted for on November 8, it seems fair to say that email played a pretty significant role in the election — and not in a good way. We’ve seen private email servers, email accounts hacked and their contents exposed, and so on. Email has garnered a lot of attention this year, which, at least from where I sit, is regrettable.

Read More »

November 3, 2016 | Vulnerability Assessment and Management
By Michael Pinch, IANS Faculty

 Vulnerability Patching Policy Best Practices

Patching and vulnerability management can be a highly variable process depending on a number of factors, but there are some basic best practices that organizations can adhere to. In this Ask-an-Expert written response, IANS Faculty Mike Pinch details these best practices for vulnerability scanning and management, including for servers, endpoints and at the application level.

Read More »

January 21, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 Moving Email Archiving to the Cloud

Can cloud-based email archiving match the features, security and compliance capabilities of an on-premises solution? In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford say yes (for the most part) and offers a rundown of the top cloud archival vendors as well as implementation advice.

Read More »