I had the honor of speaking on a panel earlier this week at the Gartner Security & Risk Management Summit with Qualys, Verisign and HBO on the “State of Vulnerabilities, Exploits and Best Practices for Prioritizing Remediation.” I’ve presented by myself at other events in the past, but I find that the stress level is a little lower when you’re on a panel because you don’t have to worry about putting together slides and speaking notes. Or so I thought. Right before our panel, I found out that a colleague had provided slides for the same panel that was done at an event in Europe last week. So 10 minutes before our panel starts, I find out I have slides to present that I’ve never seen before – to over 200 people! Luckily, I had attended ProductCamp events in Austin that included “PowerPoint Karaoke” sessions. PowerPoint Karaoke is an improvisational activity in which a participant must deliver a presentation-based on a set of slides that they have never seen before. The organizers usually pull various decks from SlideShare and mix up slides in no particular order. It is a very fun activity, but it also helps the development of your public speaking and communications skills, not to mention helps you think outside the box and improvise when you’re caught offguard.
While I had prepared for the panel by making sure I was up to date on the latest security news and trends, sometimes life just throws you a curveball, like in my case with the PowerPoint slides. You may do everything to make sure your network is safe, but sometimes those vulnerability curveballs hit you right in the strike zone. There isn’t one product that will be the cure-all for your security woes, but you can take the bite out of those vulnerabilities seeping into your network by making your various security solutions work together. By working with partners like Qualys, Rapid7 and Tenable, TippingPoint is able to provide a feature called Enterprise Vulnerability Remediation (eVR). eVR allows customers to pull in information from third party vulnerability management and incident response vendors, map CVEs to TippingPoint Digital Vaccine filters, and take action based on the enhanced threat intelligence to increase their security coverage. We’re making sure you’re not caught offguard by a vulnerability in your network, while reducing your administration time and optimizing your overall security posture. You can learn more about eVR here.
Upcoming Webinar: “Secure Your Network with TippingPoint Threat Protection System (TPS)”
June 22, 2016 – 1:00pm CDT (live) or after on-demand
Speakers: TJ Alldridge and Satinder Khasriya
The Trend Micro TippingPoint Threat Protection System (TPS) family offers comprehensive threat protection against known and zero-day attacks. Attend this webinar to see the many ways the TPS can be used to protect your environment against the latest threats as well as the old ones too.
Click here to register: https://www.brighttalk.com/webcast/7479/210181
Microsoft Patch Tuesday Update
This week’s Digital Vaccine (DV) package includes coverage for the Microsoft Security Bulletins released on or before June 14, 2016. This month’s Patch Tuesday included 16 update bulletins with five rated critical covering 44 CVEs. The following table maps Digital Vaccine filters to the Microsoft Security Bulletins. Filters designated with an asterisk (*) shipped prior to this week’s package, providing zero-day protection for our customers:
|Bulletin #||CVE #||Digital Vaccine Filter #||Status|
|MS16-063||CVE-2016-3211||–||Local only, not network exploitable|
|MS16-075||CVE-2016-3225||–||Local only, not network exploitable|
|MS16-077||CVE-2016-3236||24758||Shipped in DV8830|
|MS16-078||CVE-2016-3231||–||Local only, not network exploitable|
Missed Last Week’s News?
There are four new zero-day filters covering three vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative web site.
Updated Existing Zero-Day Filters
This section highlights specific filter(s) of interest in this week’s Digital Vaccine package that have been updated as a result of a vendor either issuing a patch for a vulnerability found via the Zero Day Initiative or a vulnerability that has been published by the Zero Day Initiative in accordance with its Disclosure Policy.
This week’s updated zero-day filters focus on vulnerabilities in Trend Micro’s InterScan Web Security Virtual Appliance that could potentially allow a remote attacker to execute arbitrary code on vulnerable installations. The updated filters reflect the fact that the vulnerabilities have been published as Trend Micro has issued an update to correct them.