Connect with us

Cyber Security

Review: Qualys VMDR

Avatar

Published

on

It’s 2020 and the importance of vulnerability management should go without saying. In fact, knowing your assets and performing continuous vulnerability management are two of the Top 20 Critical Security Controls delineated by the Center for Internet Security (CIS).

This is a review of Qualys VMDR (Vulnerability Management, Detection, and Response), an integrated solution for:

  • Detecting and identifying your assets
  • Vulnerability identification and assessment
  • Prioritization of vulnerability remediation efforts
  • Finding missing patches and misconfigurations responsible for the vulnerabilities identified
  • Patch prioritization and easy deployment of software patches

Qualys VMDR really shines in a hybrid environment of cloud instances (e.g. Amazon AWS EC2s), multiple offices and a remote workforce. Where such a large number of distributed devices is involved, Qualys VMDR minimizes the hassle of tracking those assets and checking what patches and/or mitigations are missing, which pose a high risk to the organization.

To top it off, it’s a cloud-based Software-as-a-Service solution, so it’s one less moving part that must be maintained on site.

Reporting and visualization

If you have thousands of hosts/assets scattered over multiple networks then dashboards, visualization and reporting is how you can easily collect information.

When you first open Qualys VMDR, you’ll be greeted by a default dashboard with pre-defined widgets that you can customize with bar charts, counters and tables. Some scenarios that we tried to display – e.g., visualizing asset breakdowns or vulnerability types – can be easily created, since the user can preview the actual result at the time of creation.

Complex visualizations can also be created, since the queries support Boolean logic and combos like “tags.name:`Cloud Agent` AND software: (name:`CiscoAnyConnect Secure Mobility Client`”. Complex queries are sometimes hard to create, but in Qualys VMDR tooltips, autocomplete and dropdown options are a great help with that.

review Qualys VMDR

review Qualys VMDR

Specific views into Qualys VMDR’s features, such as seeing which certificates have expired or are about to expire, are presented in a clear tabular view, where sorting by a column works well.

Drilling down into all of your assets – networks, IP addresses, domains, vhosts, asset groups, OSes, apps, ports/services and certificates – is simple, and tables and search bars make it easy to find what you want to see.

review Qualys VMDR

Reports based on information from/on scans, maps, patching, authentication, remediation, compliance levels and asset lists can be generated or scheduled for generation. Report templates can be configured. All classic output formats are supported: PDF, HTML, XML, CSV and MHT (Web Archive for Internet Explorer).

review Qualys VMDR

The tool has met all our reporting and visualization requirements. But let’s see now is how it handles asset discovery and the application of patches/mitigations.

Asset discovery

Discovery can be performed either with passive scanning sensors, which need to be deployed on-site to monitor the network for information about assets, or by deploying an agent on the machine. Agents work as one would expect, and can be deployed on Windows, deb or rpm-based GNU/Linux distros, and macOS, AIX or BSD. They can either be installed directly on a machine (the user must add his CustomerID to associate the agent with his instance) or they can be deployed over AD or through other provisioning or management processes.

Assets can be organized into asset tags, which work exactly like classic tagging. Hosts can be added either via the manual “select than add” workflow or by simply pasting in a list of IP addresses/ hostnames. Grouping works either on the IP range, DNS, NetBios or Domain level. Per-user grouping and grouping hosts that are detected by a specific scanner are also available options.

One interesting thing we saw here is that each asset group can be labeled according to business impact, function, division and location, which makes searching for organizations’ information assets simpler and easier. Another interesting thing is the ability to add a CVSS metric info to the asset group. This means that a specific group can be labeled with its:

1. Collateral damage potential
2. Target distribution
3. Confidentiality requirement
4. Integrity requirement
5. Availability requirement.

This is useful if we want to add risk-specific information to our assets, which should highly improve the workflow for engineers performing vulnerability management.

Prioritization and remediation

The main view for prioritization is the prioritization report with a dashboard-like interface. This makes sense since, in practice, all of our remediation efforts will be bound in a “view” where we want to work on detection and remediation for a specific group of assets.

The dashboard enables us to select for specific asset tags for the use case in hand, which will then allow us to see the breakdown for the detection age for a number of threat indicators. Threat indicators are also grouped, and can be selected from a number of predefined categories, as seen in the next screenshot.

As an instance, if you want to identify the vulnerabilities getting exploited by malware in workstations then you will select asset tags related to your workstation and choose ‘Malware’ and ‘Wormable’ Threat Intelligence indicator to prioritize the relevant vulnerabilities.

The prioritization report takes a transparent approach to prioritize the vulnerabilities and its remediation efforts, the user has the flexibility to choose the criteria according to the use case in hand.

review Qualys VMDR

After we are greeted by the breakdown of our assets/vulnerabilities/patches, we can do our vulnerability management work. We can see what patches/mitigations are missing in our asset groups or we can go over specific assets and see what patches/mitigations are missing from that specific asset.

The recommended patches in the prioritization report take into account the supersedence of the patches and dynamically maps patches to the vulnerabilities to identify the exact patch which will fix the vulnerability(s).

From a workflow perspective, this enables a lot of flexibility and enables both a precise approach and a general/grouped approach. Since our management work won’t be done in one day, reports can be saved so that we can continue where we stopped the day before.

review Qualys VMDR

Selecting “Patch now” on the main dashboard will enable us to either create a new patching job, add this set of patches to an existing job, or just view what patches are missing. One part of that workflow can be seen in the following screenshots:

review Qualys VMDR

review Qualys VMDR

review Qualys VMDR

review Qualys VMDR

Conclusion and verdict

At the moment, Qualys VMDR doesn’t cover automatic patching for all types of vulnerabilities. It will identify vulnerabilities, but certain mitigations still have to be applied manually (e.g., configuration changes, many GNU/Linux-based patches). Applying software patches is a feature that works for the Windows ecosystem. However, Linux, Mac and Patching using third party patching systems are in the roadmap.

Additional elements such as support for containers and securing containers, mobile device management, and automatic renewal of certificates are scheduled to be released later this year. This is definitely not a deal-breaker, since automation in some of those features is highly dependent on the specific engineering practices inside the organization.

That said, Qualys VMDR successfully solves common enterprise problems: how to perform vulnerability management on a large number of assets, how to identify the assets, and how to find missing patches/misconfigurations and apply mitigations.

For a company that is heavily dependent on the Windows ecosystem and whose assets span to cloud providers and multiple networks, this is an excellent product that resolves a major pain point. It’s Even more important in mixed form environments is the vulnerability management workflow, where identification of missing mitigations is very useful, and Qualys offers an interesting approach for identification.

For existing Qualys customers or those looking to invest in a web scanner or PCI compliance offerings, expanding their tooling with Qualys VMDR makes strategic sense, since it will nicely integrate into the engineering workflow through the Qualys cloud platform.

Qualys has an open training library for VMDR and other tools that can provide our readers with more in-depth information on the inner workings of the product.

Source: https://www.helpnetsecurity.com/2020/06/29/review-qualys-vmdr/

Cyber Security

Semantic UI CDN

Avatar

Published

on

UI CDN img-et55

Table of Contents

What is Semantic UI CDN?

Semantic UI React supplies React components, while Semantic UI CDN provides themes such as CSS stylesheets.

Semantic empowers designers and developers to create a specific UI vocabulary.

Current version 2.4.2

<head>
<script src=”https://code.jquery.com/jquery-3.1.1.min.js” crossorigin=”anonymous”></script>
<link rel=”stylesheet” href=”https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css”>
<script src=”https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.js”></script>
</head>

The rise of the digital economy changed the way we communicate, search for information, shop for products and services, decide, and many other tasks dramatically. As the digitization of virtually everything continues unabated, an endless supply of content is being generated, and devices and interfaces are becoming increasingly intuitive. Taking advantage of this opportunity, businesses of all sizes have embraced content marketing to sell products and services to consumers around the world. The speed of the websites they visit is essential for digitally empowered customers.

So, if you want to have low bounce rates and high retention rates, your website needs to be fast and highly responsive. The Content Delivery Network ( CDN) can make your website faster by reducing the distance between the user and the server of the site, compressing files, and optimizing connections. If you want a responsive web design, you can use Semantic CSS UI, an open-source framework that uses Cascading Style Sheets (CSS) class names such as words to generate a natural language style library.

The web design is responsive when it automatically adjusts content to look good on all devices, from mobile phones to tablets, laptops, and desktops. Semantic UI makes it possible to use human-friendly HTML. It can be installed either locally or using a hosted CDN.

What Are the Benefits of using Semantic UI CDN?

Semantic UI tasks can be effectively integrated with the Semantic UI CDN in the current website development tools.

Examples of semantic UI

For example, if you want to design a list using semantic UI CDN, you can simply add a few lines of code to your project using the list component CDN.

Research shows that 47% of visitors expect a website to load within 2 seconds, 40% leave a website that is loaded for more than 3 seconds, and 79% that are slower. Imagine the potential revenue of those who leave your site and never return because your web pages won’t load quickly enough.

Companies such as Akamai, MaxCDN (now StackPath), Amazon CloudFront, and Cloudflare CDN distribute edge server texts, documents, graphics, scripts, multimedia files, apps, and web tools worldwide. The CDN would connect the user to the server nearest to the location of the site instead of to the main server thousands of miles away to speed up the delivery of content.

In addition to boosting website load times, CDN reduces bandwidth costs, enhances overall content availability, and improves the security of your site. The amount of data generated by a server is decreased by caching information, distribution of inbound web traffic through several servers, and routing of user requests to the closest edge node. As a result, the CDN can reduce website hosting costs. The advantage of faster loading times is that it improves Google’s page load frequency, increasing the SEO ranking of your site.

When it comes to security, a CDN helps protect your website and ensure it is secure using fresh TLS / Secure Sockets Layer (TLS / SSL) data encryption and authentication certificates. TLS / SSL) certificates also guarantee data integrity by manipulation and falsification detection.

Most organizations have RTL (Right To Left) CSS and JavaScript in Semantic UI for CDN support. React, Meteor, and Ember.js provide construct tools that integrate with Semantic UI. All modern JavaScript bundlers fully support the Semantic UI React. Snapchat is a great organization that uses Semantic UI.

Select Right CDN at Low Cost?

With so many companies offering network content delivery services, it is not easy to select the right one. The following tips can help you find the CDN that fits your needs.

Performance

You are hiring a CDN service provider, and you want your website to load faster so that you know how easily the edge servers will deliver your files. In this respect, you have to analyze and compare main performance metrics such as latency and efficiency during regular and peak traffic times. Ask if the CDN can reduce latency and hops, if its responses and load times are satisfactory and if it can cope with unexpected network traffic spikes so that your site can operate instead of decreasing.

Security

In addition to making the loading of your websites faster, a CDN will improve the protection of your site. In particular, a CDN service provider should be able to mitigate cybersecurity threats such as DDoS attacks, ransomware, and phishing, keeping your website and your business safe.

Technical support

Responsive technical assistance is an essential factor in choosing a CDN. Check the ticket response time for the content delivery network service, whether it has a team that can help 24 hours a day via email and phone, and if they can fix any problems promptly.

Functionality/Features

A secure CDN should include tools and features that optimize the performance of your website, including instant content removal from any edge server, an intuitive user interface that helps you to set up and manage your web resources quickly, a network that delivers content as quickly as possible, or a forum for monitoring traffic statistics in real-time.

Cost

There are content distribution networks that can be used free of charge, while others cost hundreds to thousands of dollars. They’re doing the same thing, which is to make the website load faster. Compare pricing plans and choose the one you think offers the best value to your money.

The Bottom Line

Your website is a powerful tool to encourage your business for a global audience, but it can be responsible if it goes slowly. Whether unoptimized images, voluminous codes, too many HTTP queries, or JavaScript problems are accountable for your website’s slower performance, a content delivery network can help. Semantic UI CDN CSS is also supported by A CDN to create websites that are responsive to each device.

Source: https://cybersguards.com/semantic-ui-cdn/

Continue Reading

Cyber Security

Cyber Attack on Iran Nuclear Facility by USA or Israel

Avatar

Published

on

Iran has issued a direct warning to two nations- the United States and Israel; that it will launch a retaliation related cyber attack, if any of the two nations is found guilty, in digitally disrupting its Natanz Nuclear Factory mid-last week.

Highly placed sources say that a fire broke out in the facility last week, with Iran suspecting a digital hand of either Israel or US in the cyberattack propelled nuclear facility disruption.

Islamic Republic News Agency (IRNA) acknowledged the news by stating that the fire mishap was a result of a cyber-attack and the Ministry urged the two nations to revise their policies against Tehran.

Note 1-Iran’s Natanz Nuclear Facility is used for Uranium Enrichment and is under the constant vigil of the UN Nuclear Watchdog- International Atomic Energy Agency(IAEA).

Note 2- In the year 2010, the US launched a digital attack on the Natanz nuclear facility which at that time was being used for electricity generation in Iran. And sources add that a newly developed Stuxnet Computer Virus to disrupt the facility by Washington or Tel Aviv.

Note 3- Now, Iranian officials claim that the latest fire disruption in the facility was also due to the digital invasion, but failed to pin down the incident on the two nations due to lack of evidence. However, the Defense Intelligence Agency who is probing the incident has warned that if the nation led by Donald Trump is found guilty in the attack, it has to get ready to face serious consequences over the incident.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

Source: https://www.cybersecurity-insiders.com/cyber-attack-on-iran-nuclear-facility-by-usa-or-israel/

Continue Reading

Cyber Security

The UK to axe Huawei from 5G network build due to security fears

Avatar

Published

on

Britain is all set to reconsider its decision of allowing Chinese company Huawei to build 5G network infrastructure in its nation, as a newly drafted intelligence report has confirmed that the installed infrastructure will only guarantee safety from Chinese espionage just for 7 years.

According to research conducted by Daily Mail, the National Cyber Security Center(NCSC) has concluded that Huawei 5G products are not secure and so the ban imposed by the United States against the Chinese vendor is completely true.

Britain’s Ministry is reported to approve the ban after a cabinet ban to be held at the end or early next week and so the purchase of Huawei’s 5G equipment due to be done in November this year might take a U-Turn.

Oliver Dowden, the Cultural Secretary has acknowledged that the Ministry has received the latest intelligence report from NCSC, a cyber arm of GCHQ, and said that a formal announcement on the matter will be announced shortly.

Mr. Dowden also reiterated the fact that decisions such as these definitely need some time to come to a consensus and admitted that there is a chance of Huawei’s entire technology getting scraped from Britain’s Telecom network by the end of 2029.

Note 1- A source from Huawei on the condition of anonymity reacted to the news and stated that the decision of NCSC to scrap Huawei from the 5G network build project might be a result of a pressure coming from Trump Administration.

Note 2- NCSC has clearly specified in its report that it’s better to replace Huawei with a company headquartered in western countries as reconsidering Asian alternatives like Japan’s NEC might be less trustworthy.

Note 3- Matt Hancock the Health Secretary of UK told Sky’s Sofy Ridge that Britain will take the decision on Huawei keeping the best interests of its populace.

Note 4- As per some trade analysts working for Alibaba, if Britain imposes a ban on the use of 5G products of Huawei in its network build, then it can witness a loss of $13 billion in GDP gains in the next 10 years.

Source: https://www.cybersecurity-insiders.com/the-uk-to-axe-huawei-from-5g-network-build-due-to-security-fears/

Continue Reading
Blockchain45 mins ago

Synthetix Full Guide and Review: Making Money Staking SNX

Blockchain50 mins ago

This Historically Accurate Bitcoin Bullish Indicator Flashes Again

Blockchain51 mins ago

Greenspin Presents Gods Of Gold: InfiniReels

Quantum2 hours ago

New Hub Paper: ‘Towards a Quantum Software Modeling Language’

Semiconductor2 hours ago

Manufacturing Bits: July 6

Semiconductor2 hours ago

Power/Performance Bits: July 6

Blockchain2 hours ago

Altcoin Explorer: Elrond (ERD), the Internet Scale Blockchain

Venture Capital2 hours ago

Selling innovation into telcos

venezuela-raises-petrol-prices-mandates-support-for-petro-at-gas-stations-3.jpg
Semiconductor2 hours ago

ON Semiconductor to Provide Danfoss with High Power Devices for Inverter Traction Modules

Cannabis2 hours ago

Fine Art Shippers to Partner with AGS Cargo in Brazil

Fintech2 hours ago

Yapeal ist Live und lanciert erste Visa Debit-Karte der Schweiz

Blockchain2 hours ago

Bitcoin’s 150% Rally From $3,700 May Fade as Wall Street Eyes Weak Earnings

Fintech2 hours ago

Sunrise and YAPEAL Agree Partnership for Mobile Digital Swiss Financial Services App

Cannabis2 hours ago

Cannabis, Hemp, and CBD Marketing Resources to Make Your Life Easier (and Help Your Business to Stand Out!)

Cyber Security2 hours ago

Semantic UI CDN

Fintech2 hours ago

Major banks take another step towards ‘truly European’ payment system

CNBC2 hours ago

Shanghai soars more than 5%, leading gains in Asia as ‘bull sentiment’ drives markets

venezuela-raises-petrol-prices-mandates-support-for-petro-at-gas-stations-3.jpg
Blockchain3 hours ago

Ethereum On-Chain Metrics Improving After a Massive Month for DeFi

Blockchain3 hours ago

Singapore witnessed over 50% growth in the blockchain sector.

Blockchain3 hours ago

Celsius Network Review

Business Insider3 hours ago

Here’s an exclusive look at the pitch deck robot startup BotsAndUs used to raise $2.5 million

Publications3 hours ago

Uber reportedly agrees to acquire Postmates for $2.65 billion

Blockchain3 hours ago

Tron (TRX) Price Jumps 5% And Showing Early Signs of A Fresh Rally

Cannabis3 hours ago

Growing with the sun: Cannabis companies look to outdoor cultivation

Gaming3 hours ago

‘PUBG Mobile’ 0.19.0 Arrives on iOS and Android Tomorrow with the Nordic Styled Map Livik, Royale Pass S14, and More

Cyber Security3 hours ago

Cyber Attack on Iran Nuclear Facility by USA or Israel

Cyber Security3 hours ago

The UK to axe Huawei from 5G network build due to security fears

Cyber Security3 hours ago

Behave – A New Browser Extension to Find web sites that Perform Browser-Based Port Scans or Attack

Automotive4 hours ago

Chip Reliability Vs. Cost

Fintech4 hours ago

Germany Wants to Give BaFin More Responsibility Amid Wirecard Scandal

Blockchain4 hours ago

Insights: After Reaching 4 Million Users, Luno Enters Kenya and Ghana Next

Payments4 hours ago

Not your keys, not your Bitcoin

Blockchain4 hours ago

Bitcoin News Summary – July 6, 2020

Blockchain4 hours ago

Customer Service Is Key, According to OKEx’s CEO

Business Insider4 hours ago

Uber will acquire food delivery startup Postmates in $2.6 billion all-stock deal, reports say

Cannabis4 hours ago

Halo Announces Closing of Los Angeles Dispensary Project Acquisition & Passage of Los Angeles Ordinance to Accelerate Approval of Winning Applicants

Fintech4 hours ago

Open banking’s first loan approved

venezuela-raises-petrol-prices-mandates-support-for-petro-at-gas-stations-3.jpg
Cannabis4 hours ago

Marijuana use in pregnancy may cause sleep problems in kids

CNBC4 hours ago

UK to phase out Huawei gear from 5G networks in a major policy U-turn after U.S. sanctions, reports say

Cyber Security4 hours ago

Data exfiltration: The art of distancing

Trending