Vulnerability Management Questions
Nov 29 2021
Hi security professionals,
As the majority of you have probably heard, GoDaddy has been hacked again a few days ago.
Based on what is already known, what has been done wrong and what can be done better?
Share your thoughts!(less)
Nov 22 2021
Hello dear members,
What are the MITRE ATT&CK framework use cases? How can it be integrated/used in an enterprise security strategy?
Nov 22 2021
What to include into Service Level Agreement (SLA) when purchasing cloud penetration testing services?
What should one include (essential items) into a Service Level Agreement (SLA) when purchasing cloud penetration testing services?
Oct 08 2021
Which tool can you recommend for Vulnerability Assessment and Penetration Testing for an application built on the Microsoft Stack?
We have developed an eCommerce system using the Microsoft Technology Stack.
Now, we would like to perform Vulnerability Assessment and Penetration Testing (VAPT) of this system using a comprehensive tool.
Can anyone recommend a tool that (preferably, an open-source one) to perform VAPT on the eCommerce application before releasing it to the client on production?
Thanks for your help!(less)
Nov 24 2021
Hi cybersecurity professionals,
I'm looking for your recommendations about penetration testing tools for SMB/SME.
What would be your choice? Please share a technical description of why would you choose this tool over others.
Thanks in advance.
Jul 16 2021
Hi, I'm doing integration between Tenable and ServiceNow and I'm looking for an API for Tenable Connector into ServiceNow.
Does anyone have good recommendations?
Jul 28 2021
Which automated tools for penetration testing would you recommend to your colleagues working for enterprises?
Please share 1-3 reasons why you like those tools.(less)
Nov 06 2021
Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?(less)
Jun 15 2021
Is continuous vulnerability scanning essential?
Are there other approaches to vulnerability management that do not involve continuous scanning?
Aug 21 2021
What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
In the past vulnerability assessment has been the primary approach used to detect cyber threats.
Risk-based vulnerability management has become increasingly popular.
How do each of these approaches work, and which do you think is more effective?
When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
Let the community know what you think. Share your opinions now!
Download our free Vulnerability Management Report and find out what your peers are saying about Ivanti, Rapid7, Tenable Network Security, and more!
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are your recommended automated tools for penetration testing?
- Can you recommend API for Tenable Connector into ServiceNow
- What penetration testing tool (or tools) do you recommend for SMB/SME?
- What to include into Service Level Agreement (SLA) when purchasing cloud penetration testing services?
- How can you use the MITRE ATT&CK framework for improving enterprise security?
- Vulnerability Management and Risk Management Integration
- Which tool can you recommend for Vulnerability Assessment and Penetration Testing for an application built on the Microsoft Stack?