New VulnDB Integration for ServiceNow Enables Better Vulnerability Response

The ServiceNow® Vulnerability Response application is a powerful way for organizations to track, prioritize and resolve vulnerabilities. However, depending on data from vulnerability scanning processes can add time to remediation activities and unnecessarily increase risk exposure. In addition, many of the sources of vulnerability data available for use within ServiceNow are incomplete, limiting visibility to […]

Software Vulnerability Management with Device42 and VulnDB

At Risk Based Security, we’ve always believed that one of the critical components of effective security is knowing your vendors and assets, understanding the threats and vulnerabilities that may impact those vendors and assets, and then using that data to prioritize mitigation actions. That’s why we’re excited to announce the VulnDB® integration into the Device42 […]

The Pains Of Vulnerability Coordination – And What To Learn From It

Some of the members of our Risk Based Security Vulnerability Research Team have been discovering and coordinating vulnerabilities for almost 20 years. Coordinating vulnerabilities can be painful at times, even if things overall have improved, especially when coordinating vulnerabilities with companies from the USA and most parts of the EU. These difficulties can be compounded […]

Critical Vulnerabilities Discovered in South Korean ActiveX controls

computer code on laptop screen

Many years ago, ActiveX was a popular technology. Unfortunately, too many ActiveX controls had a very low code maturity and were riddled with basic vulnerabilities like buffer overflows, or exposed unsafe functionality even if marked as “safe for scripting”. These allowed malicious websites to trivially compromise users’ systems. Today, ActiveX technology is considered obsolete and […]

Vulnerabilities disclosed during the first three months of 2019 reach a Q1 all-time high

RICHMOND, VA, May 16, 2019 — Risk Based Security today released the Q1 2019 Vulnerability QuickView Report. There were 5,501 vulnerabilities aggregated by Risk Based Security’s VulnDB that were disclosed during the first three months of 2019. This represents a 1% increase over the same period in 2018, making this Q1 an all-time high. CVSSv2 […]

Risk Based Security Wins 2019 Emerging Technology Business Award

Photo of Jake Kouns, CISO and co-founder of Risk Based Security, accepting the Emerging Technology award at the RVAtech Gala

RICHMOND, VA, May 10, 2019 — Risk Based Security, a global leader in vulnerability intelligence and risk ratings, has been honored as the 2019 winner in the Emerging Technology Business category at the annual RVAtech award gala. The Emerging Technology Business award is given to organizations with high growth potential who are establishing themselves as […]

Over 1,900 breaches reported in the first three months of 2019, a new Q1 record

RICHMOND, VA, May 7, 2019 — Risk Based Security today announced the release of its Q1 2019 Data Breach QuickView Report, which found that there were 1,903 publicly disclosed data compromise events in the first three months of the year, exposing over 1.9 billion records. No other first quarter has seen this level of activity, […]

From 4,000 to 40,000 Data Breaches: People are Still the Problem

CRA data breach statistics - May 2019

On May 2, 2019, we hit a data breach milestone. The Cyber Risk Analytics research team added the 40,000th breach entry to our ever expanding data breach database. Coming hot on the heels of the 200,000th vulnerability added to VulnDB, it can be tempting to think much of the breach activity taking place over the […]

Risk Based Security Announces New Integration with Recorded Future for Intelligence-Driven Vulnerability Management

Provides richer, more actionable vulnerability intelligence to improve risk mitigation RICHMOND, VA, May 1, 2019 — Risk Based Security, Inc., a provider of detailed information and analysis on Vulnerability Intelligence, Data Breaches, and Vendor Risk Ratings, today announced a new partnership with Recorded Future, the leading threat intelligence company, to help joint customers more effectively […]

Vulnerability Fixes That Make You Go Hmm…

things that make you go hmmm...

The VulnDB research team processes a large number of vulnerability reports, exploits, and vendor advisories on a daily basis. Each report is scrutinized, classified and added to the VulnDB vulnerability database. They are enriched with important details like affected versions, requirements for exploitation, and sometimes even identifying incorrect fixes. The lack of available detail in […]