You only have to scan the ones you want to keep

Growing up, my dentist had a sign “You don’t have to brush all your teeth, just the ones you plan to keep.”  I thought of that when talking to Qualys recently. As we look ahead to IPv6, vulnerability scanning needs to be addressed.   Old methods like scanning IP ranges don’t work when scanning IPv6.   Qualys’ …

Continue reading ‘You only have to scan the ones you want to keep’ »

Cyber-Ark / Qualys Integration

Last year at about this time, Qualys and Cyber-Ark announced a new integration.   I implemented this last week. Most companies have password policies requiring the expiration of passwords.   Yet these policies hardly ever get applied to service and application accounts only users.   Many times these service passwords even predate the implementation of strong password requirements.  This is …

Continue reading ‘Cyber-Ark / Qualys Integration’ »

KB2264107 Available Through Microsoft Update

A mere 5 months after its initial release, Microsoft has made update KB 2264107 available through Microsoft Update.   Previously it had been available only as a direct download.  This patch was created to control the DLL search path algorithm.  As I understand it deploying the patch only gives you the ability to then deploy a …

Continue reading ‘KB2264107 Available Through Microsoft Update’ »

50 Percent of Enterprise XP running SP2

According to Qualys, 50% of enterprise Windows XP computers are still running Service Pack 2. This was reported by Byron Acohido in a USA Today article. This matters because MIcosoft will stop providing security patches for computers with this service pack in July. If you’re running XP, you must have service pack 3 to continue …

Continue reading ‘50 Percent of Enterprise XP running SP2’ »