Not just security, the right security.
No researcher has yet claimed to find one million vulnerabilities, but we are sure to see that headline in the future. Every so often we see news articles touting a security researcher who found an incredible number of vulnerabilities in one product or vendor. Given that most disclosures involve a single vulnerability, or sometimes a […]
2017 appears to be on pace to exceed 2016’s high mark of 15,669 disclosed vulnerabilities, according to Risk Based Security. RICHMOND, VA, July 26, 2017 — Risk Based Security today announced the release of its Mid-2017 VulnDB QuickView report that shows there have been 9,690 vulnerabilities disclosed through June 30th. This is the highest number […]
The pace of data breach disclosures remains steady compared to the prior two years while the number of records exposed jumps to a record high. RICHMOND, VA, July 25, 2017 — Risk Based Security today announced the release of its Mid-Year 2017 Data Breach QuickView report, showing there have been 2,227 publicly disclosed data compromise […]
On March 9, 2017, RAND released a report (PDF) titled “Zero Days, Thousands of Nights; The Life and Times of Zero-Day Vulnerabilities and Their Exploits” by Lillian Ablon and Andy Bogart that received a fair amount of press. The RAND press release goes on to describe it as “the first publicly available research to examine […]
We have continued to see a steady rise in the acceptance and adoption of vulnerability bug bounty programs the last several years. Companies like Microsoft, that many may have forgotten that they once said they would not pay for vulnerability information seven years ago, have been steadily expanding their program to pay for more and more vulnerability […]
It has been reported that a new malware strain called Petya is spreading by using a code execution vulnerability in Microsoft Office and WordPad (CVE-2017-0199) and then taking advantage of ETERNALBLUE (CVE-2017-0145), which is the same vulnerability exploited by the WannaCry malware. Most people would agree that WannaCry was a pretty big event, and it […]
We have now come to the end of our blog series discussing CVSSv3. Over the past several months, we’ve attempted to cover the many disadvantages and some advantages of this standard, and how it compares to CVSSv2. New problems have been introduced, old problems remain, but improvements have also been made. Blog Series Feedback […]
Every year Risk Based Security attends and presents at a variety of industry events, with the FIRST annual conference being one of our favorites. For those unfamiliar with FIRST, it is a close-knit community of incident response professionals with a long tradition of members working collaboratively on special interest topics and sharing information with the […]
2017 starts off with an unrelenting rise in vulnerabilities, according to Risk Based Security RICHMOND, VA, May 23, 2017 — Risk Based Security today announced the release of our VulnDB QuickView for the first quarter of 2017. The report shows an unrelenting rise in the number of vulnerabilities being reported. Unless the pace of vulnerability […]
The most comprehensive vulnerability intelligence and third party library monitoring service available.
Extensive database of data breaches with interactive dashboards, leaked email accounts and vendor assessments.
Affordable SaaS security solution providing a complete Information Security Program with access to a CISO.
Risk Based Security’s risk management solutions are a combination of data analytics, risk assessment and improvement strategies.
Richmond, VA
(855) RBS-RISK
EMAIL US