Exploiting weaknesses in browsers, operating systems, and other third-party software to infect end user systems is a common initial step for security attacks and breaches. Finding and fixing these vulnerabilities before the attackers can take advantage of them is a proactive defensive measure that is an essential part of any security program.
Overview of VM Program: Prepare Assess Remediate Track Progress
When Microsoft undertook an extensive evaluation of Web Application Vulnerability scanning solutions on the market, the company’s Cloud and Enterprise Security Services team knew it would be no small task. Microsoft wanted to build a world class, scalable Web App Vulnerability scanning service that would serve all of their different service teams in building secure applications. Top on the list of technical aspects was whether the Web App Vuln Scanning solution could handle the general scale of a company as large as Microsoft.
Read this case-study to learn what factors went into Microsoft’s key decision criteria in deciding on a web application program for its project.
This research report is the result of a year long data collection program of opportunistic credential scanning data from Heisenberg, Rapid7’s public-facing network of low-interaction honeypots.
Instead of focusing on the type of passwords end users typically pick, this data shows what passwords opportunistic scanners are using in order to test and likely compromise Internet connected point of sale systems, kiosks, and desktop PCs which offer Remote Desktop Protocol service for remote management.