Sean Michael Kerner

There is no shortage of software vulnerabilities, but not all flaws have equal severity and only a subset must be patched immediately. That’s one of the core themes from a report released by Kenna Security and the Cyentia Institute on Jan. 22, titled “Prioritization to Prediction: Getting Real About Remediation.” The report analyzed 3 billion […]

Red Hat announced the 1.0 release of its open-source Podman project on Jan. 17, which provides a fully featured container engine. In Podman 1.0, Red Hat has integrated multiple core security capabilities in an effort to enable organizations run containers securely. Among the security features are rootless containers and enhanced user namespace support for better […]

2018 was a big year for security vulnerabilities, and 2019 is on track to be even bigger, according to Trend Micro’s Zero Day Initiative. ZDI is in the business of acquiring vulnerabilities from security researchers and then responsibly reporting them to vendors. In 2018, ZDI published 1,444 security advisories, which was 42 percent more than […]

Security technology on cloud servers is supposed to help block and prevent the installation of malware, but what happens when attackers figure out how to uninstall security technology as part of a hacking campaign?  According to a report released on Jan. 17 by Palo Alto Networks’ Unit 42 security research division, that’s exactly what the […]

Barracuda announced an update to its Total Email Protection platform on Jan. 17, providing organizations with new Forensics and Incident Response capabilities. Total Email Protection is Barracuda’s flagship email platform that integrates multiple capabilities including email threat prevention as well as an advanced artificial engine that can mitigate the risk of spear phishing attacks. The […]

The open-source Kubernetes container orchestration system is increasingly becoming a core foundational component that enables the emerging multicloud world. It’s a world that VMware is positioning itself to take a leading role in, thanks in part to the acquisition of Heptio, a firm that was created by the founders of Kubernetes itself. VMware announced the […]

Oracle released its first Critical Patch Update for 2019 on Jan. 15, providing patches for 284 vulnerabilities. The January 2019 CPU addresses security vulnerabilities found across the Oracle software portfolio, including ones affecting database, middleware, Java, PeopleSoft, Siebel and E-Business Suite applications. Thirty-three of the vulnerabilities are identified as being critical with a Common Vulnerabilities Scoring […]

Startup Sonrai Security officially launched on Jan. 15, introducing its Cloud Data Control Service in an effort to improve security for enterprise data assets stored across multiple clouds. The Sonrai Cloud Data Control Service provides multiple features to help organizations improve security, including discovery of data assets as well as classification capabilities. The Sonrai platform […]

Synopsys announced on Jan. 15 that a new version of its Coverity Static Application Security Testing (SAST) technology is now available, providing organizations with enhanced software vulnerability analysis capabilities. Static analysis is an approach where code is examined for potential risks and vulnerabilities before operating in a runtime environment. With the Coverity 2018.12 update, organizations […]

Among the most widely used tools by security researchers is the open-source Metasploit Framework, which has now been updated with the new 5.0 release. Metasploit Framework is penetration testing technology, providing security researchers with a variety of tools and capabilities to validate the security of a given application or infrastructure deployment. With Metasploit, researchers can […]