Feeds:
Posts
Comments

Posts Tagged ‘Vulnerability Management’

tenable-io_product_overview_malay_version

This video is about Tenable.io product that presented in Malay version .

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

tenable-io_product_overview

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

espincorp-vulnerabilitymanagementrends

From the past 5 years, we see the vulnerability management solution incorporate innovation and best practice technologies from endpoint (capable to base on vulnerability scan result to enforce endpoint firewall blocking and local agent for vulnerability scanning), related with patch management (simplify the remediation for major supported platform vulnerability patching), importing vulnerability scanning result into penetration testing (pentest) tool for exploit verification, rise of interest for static application security testing (SAST), rise of cloud scanner, capability to integrated with web application firewall (WAF), merging of vulnerability scanning and configuration auditing.

For the coming years, for sure we will look forward for the enterprise dashboard consolidate all the respective vulnerability scanners from network, application, database scanners etc to provide unified application vulnerability correlation (AVC).

As the vulnerability management solution keep growing and matured, the price point will continue to drop, since more and more players from different industry will start come in and provide “me-too” solution. At the same time, open source alternative continue to advance and counter the rising price point from those solution, typical balancing act for the market demand and supply.

For the coming years, we will expect specialised scanners functionality will be further incorporate inside generic scanners. The market for truly specialised tool will notice for the market shrink, and most probably take over by those generic and larger players.

In the end, the market will divide into two end, those who continue to use the specialise scanners to get things done, but with set of different scanners (mostly named as professional users); and rise of enterprise grade vulnerability management with range of module /option for turn on and perform those advance feature. It like the Unified Threat Management (UTM) trend for the firewall market.

How many option and module can be provide by the player will be important buying criteria, with the overall lower total cost of ownership.

Mobile app security testing, mobile phone vulnerability will be one of the area attract the attention, a option most of modern enterprise interest to have and to perform deep mobile application security testing, since most of the Internet traffic will come from mobile device, and app inside the mobile.

For customer new to this solution market or have requirement in hand, feel free to contact E-SPIN solution consultant base on your project/requirement in hand.

Read Full Post »

espincorp-applicationvulnerabilitycorrelation-avc

Application Vulnerability Correlation (AVC) by E-SPIN

Application Vulnerability Correlation (AVC) stand for application security workflow and process management tools that aim to streamline software development life cycle (SDLC) application vulnerability remediation by incorporating findings from a variety of security-testing data sources into a centralized tool.

It is particular useful for provide “unified” len and perspective for both developer team and application security team (who perform application security audit and pentest) in communicate application vulnerability in the unified manner. It allow Dynamic Application Security Testing (DAST) vulnerability results scan, found and detect by security team import into application vulnerability correlation (AVC) system. Developer team import their application vulnerability scan, found and detect result into AVC for sharing and communicating with security team.

The benefits? Create a consolidated unified view of your applications vulnerabilities, AVC tools accelerate the remediation of vulnerable apps by fully automating the flow of app vulnerabilities between testing tools, centralized application security functions. This workflow automation is even more important with trend toward DevOps, Continuous Integration (CI), and Continuous Deployment (CD) adoption.

Settling on a common term (Application Vulnerability Correlation) provides common language between buyers and sellers that drives more efficient adoption of new technologies.

We will see the rise of AVC or changing terminology, but refer to the same matter in the coming time.

E-SPIN provide both dynamic application security testing (DAST), static application security testing (SAST), interactive application security testing (IAST), penetration testing, network, wireless, database, mobile app and enterprise vulnerability management solution for the enterprise and government customers, whether for national deployment facility or multi countries/regional or global vulnerability assessment center, cyber security lab, for those who are interest on the rising AVC, as part of our unified vulnerability management solution, please feel free to contact our consultant for the subject matters.

Read Full Post »

E-SPIN Unified Vulnerability Management (UVM)

E-SPIN Unified Vulnerability Management (UVM), the company use to unify entire solution portfolio across multiple specialization domain is being explained during one of the E-SPIN event session. How it can be use for the customer for look into it in the systematic and holistic manner and prevent from any vendor locked down, as well as all the core domain option is explained in brief.

For those who can not join the event, please watch the extract video for E-SPIN Unified Vulnerability Management (UVM) Explained.

 

Read Full Post »

e-spin_vulnerabilitymanagementwheel

What is Vulnerability Management? You will come across lot of definition from various subject matters textbook. E-SPIN Vulnerability Management Wheel explained and capture from the E-SPIN Unified Vulnerability Management solution event, provide what is vulnerability management in E-SPIN Vulnerability Management Wheel model.

In the model, with the very core of Risk – Governance – Compliance. 4 Wheel of Identify – Analyze – Mitigate – Manage. With their own process wheel, and outer influence variable and parameter, and major external force will impact and influence on the company vulnerability management program and practice is capture on the video.

For those who missed the even, you may found the video highlight below.

 

Read Full Post »

Qualys 2

For those who can not join us for the end user and channel partner product seminar session, please see the summary and highlight clip for the event.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

Older Posts »