ES Episode7

From Paul's Security Weekly
Jump to: navigation, search

This week on Enterprise Security Weekly, tenable makes a strategic partnership to ease authenticated vulnerability scanning, avast announces a much faster antivirus engine, Risksense unveils cyber risk scoring that allows some other kind of scoring that you might be familiar with, and alert logic goes into the cloud. All that and more, so stay tuned!


Enterprise Security News

  1. http://www.businesswire.com/news/home/20160620005164/en/Tenable-Network-Security-Partners-Thycotic-Simplify-Credential
  2. http://marketcheetah.com/2016/06/21/avast-unveils-zero-second-threat-detection-in-its-new-high-speed-version-of-its-flagship-antivirus-products/
  3. https://www.equities.com/news/risksense-unveils-fico-like-cyber-risk-scoring-to-pinpoint-threats-that-require-immediate-attention
  4. https://www.pehub.com/2016/06/3339751/
  5. http://www.itp.net/608081-f5-expands-security-portfolio-to-focus-on-ddos-protection
  6. http://www.marketwired.com/press-release/alert-logic-enables-complete-continual-visibility-into-aws-environment-cloud-defender-2136601.htm

Web Application Scanning

  1. If you're an enterprise, how should you approach web application scanning?
  2. I just bought XYZ web application scanner, pointed it at some sites, and I'm good now, right?
  3. When do you use an automated tool vs. scan it on your own vs. hire a pen tester?
  4. How can you enable developers and QA to scan themselves?
  5. How does your strategy differ from home-grown applications vs. 3rd party/open-source?
  6. What are the common things people miss when configuring an automated web application scanner?
  7. Should everyone be doing web application scanning?