US Electric Grid is “becoming more vulnerable to cyberattacks” says US GAO

In an earlier blog article titled “Energy Sector at risk of Cyber Attacks”, we described an attack at a Western Utility company and how the attack leveraged a known software vulnerability for which a patch was available but not applied. The energy sector needs to pull up its socks as is evident from recent NIST […]

Understanding NIST CyberSecurity Practice Guide for Energy Sector Asset Management

In an earlier blog in May 2019 titled “Energy sector at risk of cyber attacks!”, we talked about how the energy sector is at the cusp of cyber attacks across the globe. This is a shared sentiment, as is evident from the recent special publication 1800-23 from NIST (link to complete publication for those interested) […]

Host discovery using twigs

As described in the earlier blog article – Getting started with twigs, one of the discovery modes supported by twigs is host discovery. In the host discovery mode, twigs will collect required metadata from the host to perform no-scan vulnerability assessments. The host discovery mode supports local and remote discovery. Local refers to discovery of the […]

Avoid vulnerability creep via 3rd party softwares

Earlier last month NIST released a draft copy of CyberSecurity White paper titled “Mitigating the risk of Software Vulnerabilities by adopting a Secure Software Development Framework [SSDF]” for comments. The paper highlights how few software development lifecycle [SDLC] models explicitly address software security in detail and it recommends a core set of high-level secure software […]

Weekly Reserved CVE Actionable Insights ( June 23rd 2019 )

What are reserved CVE’s ? Reserved CVE’s are NVD records for confirmed vulnerabilities with little to no information. In most cases there is no information available. ThreatWatch’s prediction model, “Coeus“ goes through all the related information about these CVE like attack vector type, social chatter and vendor advisories, and arrives at a CVSS vector and […]

Manage the vulnerability deluge with “Actionable Insights”

The number of vulnerabilities being reported has just been growing over the years. The below chart help depict how the count of vulnerabilities has grown significantly (though not yet exponentially) over the recent years. Note it is apparent from the chart how ThreatWatch provides better overall vulnerability intel coverage, apart from standard sources like NVD. […]

Energy sector at risk of cyber attacks!

Energy is the all pervasive fuel which drives world economies. It is no wonder that hackers regularly target energy sector companies to cause massive disruption. In a report titled “The road to resilience: managing cyber risks”, Christoph Frei, Secretary General, World Energy Council said the following: Cyber threats are among top issues keeping energy leaders […]

Machine Learning (ML) powered vulnerability scoring for better prioritization

Most organizations face challenges with prioritizing risk from a new vulnerability or threat. At times, late breaking threats do not provide a severity assessment. The standard way to identify the key characteristics of a threat is using CVSS (Common Vulnerability Scoring System). CVSS provides a Vector (based on key dimensions / attributes of the threat […]

Unpatched software – the single biggest security risk.

  Lately I have been going through recorded sessions from RSA Conference 2019. Thanks RSA for making these recordings available. This particular session “In the wake of an attack – Thoughts from a seasoned CISO” caught my attention and I listened to its playback. It is around 45 minutes for those of you who are […]