Strategic

Bug-bounty programs live and die by their ability to target public-facing assets and then expose related vulnerabilities. But one asset is out of their reach, and it’s arguably the most dangerous to your network.

Recent reports from FireEye revealed a large-scale campaign to infect company networks using a modified version of the SolarWinds Orion monitoring agent.

Oh, the world of good ol’ bug-bounty programs. In recent months they’ve become a hot topic for IT teams looking to unearth vulnerabilities. And it’s easy to see why. They’re flashy and promise the world. Your company gets notified when a vulnerability is detected. The bounty hunter gets paid for the finding. Everybody leaves happy. Well, not really. Here’s why

Getting hacked hurts. Not only is it often a PR nightmare and the cause of sleepless nights – a company data breach is a financial fright fest that can cost you millions of dollars.

Practical, expert-tested guidance you can apply to immediately improve your network security.

It’s pretty common for companies to bundle social engineering into their penetration testing programs. But when the report shows up, you may find you’re surprised and frustrated at the rate of employees clicking links to open malicious documents. How were my employees so easily manipulated? And why didn’t anyone on the IT staff catch this? Don’t sweat it. Happens to...