patch

vendors

A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendors for several months prior to the intrusion. This is likely a failure in which of the following security processes?

Leave a Comment / CEHv11 / By

A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendors for several months prior to the intrusion. This is likely a failure in which of the following security processes? Option 1 : Vendors risk management Option 2 : Patch management Option 3 : Secure development lifecycle Option 4 : Security awareness training …

A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendors for several months prior to the intrusion. This is likely a failure in which of the following security processes? Read More »

ISO-27001-Annex-A.12.6-Technical-Vulnerability-Management

ISO 27001 Annex : A.12.6 Technical Vulnerability Management

Leave a Comment / ISO 27001 La, Knowledge Base / By

ISO 27001 Annex : A.12.6  Technical Vulnerability Management Its objective is to avoid technological vulnerabilities from being exploited. A.12.6.1  Management of Technical Vulnerabilities Control- Information on technological vulnerabilities of information systems used should be obtained in a timely manner, the exposure of the organization to such vulnerabilities should be assessed and appropriate measures taken to address the risk involved Implementation Guidance – An up-to-date and comprehensive asset inventory is necessary for the effective management of …

ISO 27001 Annex : A.12.6 Technical Vulnerability Management Read More »