Wednesday, October 20, 2021

Advice on security vulnerabilities

It’s the Reader’s Digest for penetration testers: “@Risk: The Consensus Security Alert” is a new online newsletter that highlights the week in software vulnerabilities, with analysis and commentary by leading security experts.

The SANS Institute unveiled the newsletter during the U.S. Department of Homeland Security’s National Cyber Security Summit in December, and it is currently being circulated to 200,000 network security professionals who have registered to receive it through the SANS website. “@Risk” gives network administrators a compendium of all the week’s security vulnerabilities, courtesy of Qualys Inc., and a companion listing of the week’s vulnerabilities deemed critical by TippingPoint Technologies Inc., which sells network-based intrusion-prevention systems.

Particularly useful is information called Council Actions, which features advice on handling each of the critical vulnerabilities from a panel of 12 security administrators from large corporations, government departments and organizations, says Alan Paller, research director at the Institute. Writing anonymously, the council members talk about steps, if any, that they took on each critical item, including patches, firewall configuration changes and workarounds.

To sign up for “@Risk,” go to https://portal.sans.org/preferences.php.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Tech News