SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
How do you Implement Vulnerability Management for PCI Compliance?
Payment Card Industry Data Security Standard (PCI DSS) is a data safety requirement to be followed by all companies and organizations that store, process, or transmit credit card/financial information. If your organization handles financial data, it’s highly likely you’ve heard of it before and are ...
CVE Research
The Vulnerability Management Dashboard Every CISO Needs!
Vulnerability scans show a large volume of vulnerability data which could be unstructured and complex to analyze. Bulky, hard-to-read data creates chaos during the rating and delays the remediation process. A well-structured, neatly organized vulnerability management dashboard will help CISOs, and t...
CVE Research
OpenSSL Addresses Two High Severity Vulnerabilities. Patch Now!
On October 25, 2022, the OpenSSL team issued a major flaw alert to users. OpenSSL 3.0.7 was released on November 1, 2022, to fix two serious vulnerabilities, CVE-2022-3786 and CVE-2022-3602. These flaws initially given a critical rating before being lowered to high. OpenSSL is a widely used cryptogr...
CVE Research
The Perks of Vulnerability Management Automation
When you repeatedly perform the same thing over and over again, it becomes tedious and laborious. Lengthy scans, correlation of vulnerabilities and patches, deploying the required patches throughout multiple devices, and finally doing it again add to the frustration and exhaustion. But now, in the m...
CVE Research
Google Chrome Rolls out an Emergency Security Patch for a High Severity Zero-day Flaw!
Google has recently released an emergency security fix to patch a Zero-Day vulnerability CVE-2022-3723. This vulnerability was in the Chrome browser application. Although the previous security patch was present on Tuesday (October 25th), this patch is within a gap of two days, i.e., on Thursday (Oct...
