The average time from the discovery of a vulnerability to a patch being issued is, for well-supported software, thirty days. In a best-case scenario, cybercriminals have a whole month to make the most of the exploit. Of course, it’s not always a best-case scenario. For example, in 2016, an SAP authentication vulnerability was patched that had first been reported way back in 2012. Any hacker looking to use this vulnerability to gain access to a system had the best part of four years to do so. And some business practices mean that there is much longer between a vulnerability being discovered and a patch being released—Oracle rolls all of its patches into a quarterly Critical Patch update, meaning there are potentially three months from a patch being created until it’s rolled out. The issues aren’t only on the software providers’ side—in fact, the biggest problems can be found with the users and businesses who fail to install patches. This isn’t … [Read more...] about Are ERP patches regular enough to be value for money?
Best Windows patch management software
Who doesn't love free software? Infosec professionals are fortunate to have many good free tools for a range of tasks. The following list of two dozen tools includes everything from password crackers to vulnerability management systems to network analyzers. Whatever your security role is, you'll find something useful here. Maltego: Paterva develops this forensics and open-source intelligence app, designed to deliver a clear threat picture for the user's environment. It will demonstrate the complexity and severity of single points of failure as well as trust relationships that exist within the scope of one's infrastructure. It pulls in information posted all over the Internet, whether it's the current configuration of a router on the edge of the company network or the current whereabouts of your company's vice president. The commercial license does have a price tag, but the community edition is free with some restrictions. OWASP Zed Attack Proxy (ZAP): The Zed Attack Proxy (ZAP) is a … [Read more...] about 24 best free security tools
Secunia's Personal Software Inspector 3 (PSI) has been discontinued by Flexera, which bought it in 2015. People who have been using it to update Windows programs over the past decade are now looking for a replacement - and if you have not been using a vulnerability management program like this, you should consider it. Microsoft provides Windows Update to keep its operating system up to date, and other programs may have their own background processes - Google Chrome and Firefox are examples - or check for new versions when they are run. PSI provided a simple way to check and update a wide range of third-party programs, including ones that hadn't been used recently. This helps avoid malware attacks on vulnerable software such as Oracle's Java JRE, Adobe Reader, Adobe's Flash Player, and Apple's iTunes and QuickTime. And you may well have more programs on your PCs than you think. My Dell desktop, for example, came with a suite of Nvidia programs that support the graphics card, the Killer … [Read more...] about Finding a software updater to replace Secunia’s PSI
The best iPad apps: It's the apps that really set iOS apart from other platforms - there are higher quality apps available on the App Store for the iPad than any other tablet. So which ones are worth your cash? And which are the best free apps? Luckily for you we've tested thousands of the best iPad apps so that you don't have to. So read on for our selection of the best iPad apps - the definitive list of what applications you need to download for your iPad now. Haven't bought an iPad yet and not sure which is best? We've got them listed on our best iPad ranking - or you can check out the best tablets list to see the full range available now. If you are looking for games, then head over to Best iPad games - where we showcase the greatest games around for your iOS device. Or if you're using an iPhone X or iPhone 8 head over to our best iPhone apps list. And if you're a professional, you may want to head straight to our top business apps. New: Core Animator ($5.99/£5.99/AU$9.99) Core … [Read more...] about Best iPad apps 2018: download these now
It's been more than a year since Microsoft ended the decades-old practice of letting customers choose which patches they apply, and instead instituted a cumulative update maintenance model for Windows 7 and its shadow-of-a-sibling, Windows 8.1. And yet some users still don't grasp the new scheme. "There are plenty of people who don't know which kind of update they should use," Chris Goettl, product manager with client security and management vendor Ivanti, said in a recent interview. "'Which one should I do? What non-security features are included in the monthly rollup?' There's still some confusion." No wonder there. Microsoft asked for a lot last year. It asked enterprise IT administrators to upend ingrained patching practices. It asked them to make radical changes to how they maintain Windows 7 deep into its lifecycle, when there were just three years and change remaining before retirement, a phase most admins probably thought they'd be coasting as they prepped for Windows 10. It asked … [Read more...] about Windows 7 update guide: How ‘security-only’ and ‘monthly rollups’ differ