Blog
-
Why Moving Beyond CVSS Scores is a Business Imperative
Organizations today find themselves at a critical turning point in the evolution of their vulnerability management efforts. New vulnerabilities are being published more quickly than teams can credibly analyze and remediate them (currently greater than 75 per day), while at the same time a serious talent shortage has developed. According
-
DeepSurface 2.7
DeepSurface Risk Analyzer Version 2.7 has new capabilities for dashboard customization, richer reporting and new flexibility in hostname tagging. We’ve also available in the Azure Marketplace as a BYOL solution!
-
A View of PrintNightmare Through the Lens of Prioritization
Now that the dust has settled around CVE-2021-34527, also known as PrintNightmare, we thought we’d use it as an example of how DeepSurface can reprioritize even the highest priority vulnerabilities, saving you and your patch team hours of effort.
-
Announcing DeepSurface 2.6
DeepSurface Risk Analyzer Version 2.6 includes path summaries, third party integrations with Okta 2FA & SAML, MacOS agentless scanning support & Amazon Linux patch feeds
-
DeepSurface Security Advisory: LPE in Firefox on Windows
Firefox is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Firefox users using the same Windows system.
-
DeepSurface Security Advisory: LPE in Adobe Reader on Windows
Adobe Reader is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Adobe Reader users using the same Windows system.
-
DeepSurface 2.4
DeepSurface 2.4 expands our reporting capabilities to enable exportable reports to XLSX and PDF, added support for Thycotic Secret Server PAM, easier setup/administration including emailing of generated reports, and enhancements of our windows agent.
-
DeepSurface now integrates with Microsoft Defender for Endpoint
DeepSurface announces integration with Microsoft Defender for Endpoint - now imports vulnerability scanner data, missing patches and misconfigurations across Microsoft, Linux and Mac hosts.
-
DeepSurface Security Advisory: LPEs in Node.js on Windows (CVE-2021-22921)
Node.js is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms.
-
DeepSurface Security Advisory: Local Privilege Escalation in RabbitMQ on Windows (CVE-2021-22117)
OverviewRabbitMQ is a popular open source message broker, used worldwide by companies like T-Mobile and SolarWinds. Its flexibility and speed makes it easy to integrate with other applications, such as SolarWinds Orion Platform. Since we previously reported CVE-2021-29221 against the popular programming language Erlang, we suspected RabbitMQ would be vulnerable
-
DeepSurface Security Advisory: Local Privilege Escalation in Confluence on Windows
OverviewAtlassian Confluence Server is a popular web-based corporate content management system, allowing remote teams to collaborate efficiently on projects. With over sixty thousand customers including Docker, Linkedin, and Twilio, vulnerabilities in Confluence could have a significant impact on a large user base. While performing detailed service permissions analysis using our
-
Announcing DeepSurface 2.2!
Release 2.2 brings some exciting new features and changes in the form of tags and some UI/UX updates that make the product even easier to use.
-
Announcing DeepSurface 2.1!
We’re thrilled to announce DeepSurface 2.1, an improvement on DeepSurface 2.0 that makes it even easier to use. We’ve reorganized some things, added different nomenclature for increased efficiencies allowing you discover and remediate risk even faster.
-
DeepSurface Security Advisory: Local Privilege Escalation in Octopus Deploy on Windows (CVE-2021-26556)
OverviewOctopus Deploy is a popular DevOps automation platform that enables teams to more efficiently manage configuration, API keys, and permissions. Octopus Server allows users to self-host this platform, and is installed as a service on the host. This service runs as Local System and is a very impactful target for
-
DeepSurface Security Advisory: Local Privilege Escalation in Erlang on Windows (CVE-2021-29221)
OverviewErlang is a popular general-purpose programming language and runtime environment, with support for concurrency commonly found on many distributed systems. When distributed on Windows machines, the Erlang emulator can also be run as a service with the erlsrv.exe command. This seems to be commonly used with popular software, such