I have been thinking about this for some time now: is finding the vulnerability first the new security trend?
After browsing through various public vulnerability exploit databases, my answer to the question was simple to find.
First, let's find a vendor whose application is vulnerable and check exactly when it became publicly available. Let's check IE.
Let's check when it became public. Published on 24th of June 2014.
Let's now check when vendors in the market released a patch for the same:
When was it exactly?
Cool, our customers are safe even before it was public!!!
(Only if they have applied it in their IPS policy... This makes me realize how many customers are really following these vulnerabilities and applying the fixes in a timely manner. Or what if we could automate these new fixes based on the policy they have applied? I am sure most vendors should have implemented this long ago.)