trackd_logo_dark-1

The trackd blog

News, stories and insights from the team at trackd

Vulnerability Prioritization

How to Patch Vulnerabilities: A Comprehensive Guide

Leaving vulnerabilities unpatched can expose organizations to significant risks. Attackers actively search for known vulnerabilities to exploit, and exploiting unpatched vulnerabilities is a common technique. Such attacks can result in data breaches, financial losses, reputational

Vulnerability patching isn't sexy, and often the reasons for patches not working aren't either.

Why Patches Fail

In this blog series, we’ll look at some of the more mundane – albeit common and operationally-significant – reasons patches fail.

There's way too much hype about exotic cyber attack vectors...the old ones are working just fine for the bad guys.

Let’s Ease Up on the Cyber Criminal High Tech Hype

It probably makes sense to take the hyperventilating stories of cutting-edge attack vectors with a grain of salt. There will come a day when the primary means of initial penetration become obsolete or are abandoned

Vulnerability Prioritization

How to Patch Vulnerabilities: A Comprehensive Guide

Leaving vulnerabilities unpatched can expose organizations to significant risks. Attackers actively search for known vulnerabilities to exploit, and exploiting unpatched vulnerabilities is a common technique. Such attacks can result in data breaches, financial losses, reputational damage, and legal liabilities.

Vulnerability patching isn't sexy, and often the reasons for patches not working aren't either.

Why Patches Fail

In this blog series, we’ll look at some of the more mundane – albeit common and operationally-significant – reasons patches fail.

Modern patch management software provides insights on how patches have been disruptive to help identify the problem patches before they break a network.

MSP Patch Management: The Delicate Balance Between Operational Risk & Security Risk

The only thing better than learning from your own mistakes is learning from the mistakes of others. At trackd, we have come up with a radically simple but elegant solution to help organizations differentiate between the 98% of patches that are necessary and safe, and the 2% that will have your clients calling you on the weekends.

Cybercriminal don't discriminate; they scan the internet for targets.

Remember, We’re All Just an IP Address to Cyber Criminals

In today’s threat landscape, you don’t have to be a high-profile private or public organization to be targeted. You don’t have to be storing highly valuable technology IP or high-value health records, and you don’t have to piss off a hacktivist group with a bone to pick. You simply have to have an unpatched vulnerability that pops up on a list delivered to a threat actor after indiscriminately scanning the internet.

Operational risk is the primary challenge to aggressively mitigating cyber risk.

The Never-Ending Battle: Routine Patching vs. Operational Stability

It’s time for vulnerability management technology innovators to spend less time identifying and reporting on vulnerabilities, and more time building tools to help IT teams fix them more efficiently…and without their fingers constantly crossed.

There's way too much hype about exotic cyber attack vectors...the old ones are working just fine for the bad guys.

Let’s Ease Up on the Cyber Criminal High Tech Hype

It probably makes sense to take the hyperventilating stories of cutting-edge attack vectors with a grain of salt. There will come a day when the primary means of initial penetration become obsolete or are abandoned by the cyber criminal community in favor of something revolutionary. However, the cyber security community – the good guys – will first need to render them ineffective and, unfortunately, we don’t seem to be close to achieving that reality.

Mike Starr Of trackd On Embedding Security in Product Design and Development

The only thing that matters is whether the person responsible for product security is able to convince all stakeholders to care about the risks associated with the absence of secure software development practices or not. If they’re unable to do this then building security components into software will always be driven reactively as a result of an incident.