Explore Vulnerabilities on Experts Exchange

Expert Solutions for Your Tech Problems

Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three eleme...

Read more
  • 7.7K Content
  • 5.0K Contributors

Expert Spotlight
Shaun Vermaak
COG Lead Engineer

I'm Shaun Vermaak. I love tech and how it improves life and business. Did you find what you were looking for?

Advice Solution

Are AD Ids and medical doctors'  Medical Registration number deemed as PII?

bysunhux
11

 

Are the following deemed as PII (Personally Identifiable Information)?:

a)  staffs'  AD Id (Active

Advice Solution

WatchGuard Firewal - unable to access the WEB UI

byMiguel Escarzaga
7

Hello everyone, 
I am currently managing a WatchGuard M500 firewall and accidentally disabled the Web

Research Solution

Threat Modelling of SaaS vendor or the tenant is more crucial?

bysunhux
3

 

We host only public info (non-sensitive data) on a few portals in SiteCore XM SaaS.

 

Q1:

Would it be

Troubleshooting Solution

TLS v1.3, Cipher Suite Hardening, and Rate Limiting on Exchange Server 2016

byGautam
5

Dear Experts,

We are currently operating an on-premises email infrastructure comprising:

  • Windows
Advice Solution

Kali Linux VM as a Jump Host for 3rd Party VAPT

byTech Curious
9

Hi


We hired a 3rd party company to perform a black box VAPT on our internal & external apps, servers

Advice Solution

Pros & cons of Letsencrypt for SSL certs

bysunhux
6

Some queries were raised if it's Ok to use LetsEncrypt (LE) for SSL certs (for both Internet-facing

Advice Solution

is website & Prodentim product a Scam

bysunhux
5

 

ProDentim - Text Presentation

 

Is above a scam website?  This controversial ProDentim has differing

Research Solution

Use cases for SharePoint Online & Purview  SOC monitoring

bysunhux
3

We're setting up several SharePoint Online (SPO) portals.   Though there's SOC2 Type 2, the security

Advice Solution

is separate penetration tests & secure code scans needed for new sub-url portals?

bysunhux
1

 

A project team told me that they've done penetration test and secure code review on the main

Advice Solution

GnuPG latest stable release has a low-risk CVE: do we accept risk or update to 'public test' / beta version?

bysunhux
2

We used GnuPG tool & during vulnerability scan, it flags out the following low-rated finding:

     

Troubleshooting Solution

SSL Cert with Wrong Hostname: team felt this is a false penetration test finding

bysunhux
26

 

Refer to project manager's assertion below?  He's claiming the penetration tester's finding is a

Research Solution

is Thales' Openssh ver 8.3 still supported?

bysunhux
5

 

Q1:

Is OpenSsh  Ver 8.3  on Talos appliance still supported by Talos or deemed as

Advice Solution

Azure Security center access for AEM customers

bysunhux
1

We are hosting portals on AEM (Adobe Experience Manager).

 

Would it be possible to extract from Azure

Troubleshooting Solution

Microsoft .Net Framework cleanup

byÉric Moreau
8

We had a pentest done lately and trying to fill the gaps and remediate issues.

 

In our toolset, we

Advice Solution

Using RSA2048/AES to replace MD5  (rather than using SHA2/3)??

bysunhux
4

In an upcoming project, they're using MD5 to encrypt Chat (or Chat Bots transcripts/messages):

I

Troubleshooting Solution

Intermittent Issue with Missing Email Attachments in Exchange Server 2019

byCelso Javier Guzmán Díaz
5

Hello Community,

 

This is an issue I hadn’t experienced before. For example, today I sent an external

Troubleshooting Solution

is the ciphers obtainable from registry key of Win OS the actual ciphers offered by the web server

bysunhux
1

 

We don't have a scanner to scan the SSL ciphers used by our Intranet webserver.

 

Q1:

Instead can just

Advice Solution

fraud transactions on bank debit card

bygp
34

Hi,

 

Some one keep doing fraud transaction using my bank debit card. I changed the card 2 weeks back

Advice Solution

VMware - Esxi v8 - CVE-2018-3646

byCHI-LTD
2

Hi

I have just upgraded one of our esxi hosts from v7 to v8 but now i see the following kb warning:

Advice Solution

Security scores dashboard from commercial cloud; AWS screen to show available cloudwatch log groups

bysunhux
3

From our commercial cloud's dashboard, we got the following two screens:

 

Q1:

Should I ask the project

Do more with Experts Exchange.


Get Answers

Join a Group Discussion

Collaborate

Monitor your Site

Explore solutions and more