Greenbone AG

15 years of Greenbone – a look back at 2023

,

The end of the year could hardly be better: Greenbone can look back on the most successful year in its company history. After 15 years, the Osnabrück-based company has grown into a successful public limited company in 2023. Greenbone has grown from 50 to 120 employees within the space of a year, and the journey is far from over: not only EU legislation, but also various collaborations and commitments are enabling further growth. We look back on 2023 and thank our customers, partners, and the OpenVAS community.

A successful year at one glance

The growth can be seen both in the Greenbone blog, which had ten times more readers in 2023, and in the new community portal – a big thank you goes to the large Greenbone community!

In addition to numerous reports on vulnerabilities from VMware to Microsoft, Atlassian, Citrix and many others, we were able to report on projects with the  Center for Internet Security (CIS), the Federal Office for Information Security (BSI), and the OSB Alliance – Federal Association for Digital Sovereignty.”

We also continue to participate in studies by renowned universities such as the “Comparison of the Security of Open-Source Software and Proprietary Software” by Dr. Marc Ohm (Rheinische Friedrich-Wilhelms-Universität Bonn).

Zero Days, Log4j, Citrix, Atlassian, Sharepoint

We warned of serious vulnerabilities, all of which had already been detected with suitable tests developed by our specialists in the Greenbone Enterprise Appliances – our customers were always warned and in many cases were able to protect themselves proactively. Whether ransomware threatened companies via VMware EsXi, or via Outlook Zero days, the aftermath of the Log4j disaster from 2022 or the critical errors in Citrix Netscaler, Confluence, f5 Big IP or Sharepoint, Greenbone customers were forewarned and provided with tests.

Greenbone tests web applications …

In 2023, we have also increased our commitment in other areas: We now also test your web applications. We operate strictly in accordance with GDPR regulations, we are ISO 27001/9001 certified and have outstanding security experts. As with our vulnerability management products, you will also receive detailed reports on your security situation with clear instructions for action, which the Greenbone experts will be happy to help you implement.

… and is present at international trade fairs, congresses and panels.

We also increased our presence at international trade fairs this year: we attended the ITSA, the PITS (“Public IT Security”) congress organized by Behördenspiegel and the renowned Open Source Experience 2023 (OSXP) in Paris. At the PITS congress, Greenbone CEO Jan-Oliver Wagner was also invited as an expert to share his knowledge at the panel discussion “Putting your finger in the wound – manage or close vulnerabilities?” moderated by Katharina Sook Hee (National Cyber Defense Center of the BSI).

There was broad agreement that “vulnerability management is becoming increasingly important”. This is also due to new legislation, which is leading to more and more vulnerabilities being reported, a general increase in awareness and more draconian penalties for companies that disregard compliance rules, for example. The pressure is increasing, even for companies that are not KRITIS.

Regulation makes vulnerability management mandatory.

At the same time, the vulnerabilities identified are getting older, have been open for longer than before and are being exploited increasingly quickly, with ransomware remaining the top threat.

It is no wonder that both the German government and the EU have recognized the signs of the times: The federal government is investing extensively in cybersecurity, and the EU’s Cyber Resilience Act also prescribes packages of measures that make vulnerability management a la Greenbone mandatory in many companies.

Together with the BSI: the new SMP federal portal

Together with the German Federal Office for Information Security (BSI), we have therefore introduced the Greenbone SMP-Bund portal. As a central point of contact for IT security and vulnerability management, it offers authorities concrete support with the current challenges of IT security.

In addition to extensive information and a forum for exchanging ideas on vulnerability management, the portal also offers direct access to Greenbone support, contact with our sales team and exclusive conditions with Greenbone framework agreements.

2023 was a good 15th year for Greenbone, we would like to take this opportunity to thank all customers, partners, and the community again, without your help none of this would be possible.

Thank you, happy holidays and a happy new year!

Contact Free Trial Buy Here Back to Overview

/by
Markus Feilner

New zero-day exploit in Microsoft Exchange Server – Greenbone Enterprise Feed offers protection

,

We have developed a remote test for the Microsoft Exchange Server ProxyNotShell vulnerability GTSC2022.

Update from 2022-10-13: The vulnerability still exists after the October patchday on Tuesday. The blog post of Microsoft’s Security Response Center is continuously updated by the company, the last entry is from October 08.

The mentioned zero-day exploit in Microsoft Exchange Servers [GTSC2022] was published on September 28th by the cyber security company GTSC. After investigating a security incident, the security researchers discovered evidence of active exploitation of two vulnerabilities that can be used to compromise even fully patched systems.

The test (check here) extends our current vulnerability detection for Outlook Web Access (OWA) by checking whether Microsoft’s suggested remedies are in place. So far (beginning of October 2022), Microsoft only recommends workarounds. Microsoft Exchange users can use our test to ensure that the workaround instructions are implemented and active. Our customers can simply continue to use their Greenbone product, the test is already implemented in the feed. Those who do not yet have a Greenbone product yet, please use the link (check here) above.

Information on the technical background

Microsoft has published a post on its website [MSRC2022] describing that the vulnerabilities allow server-side request forgery (CVE-2022-41040) and remote code execution (CVE-2022-41082) if the attacker has access to PowerShell. However, this requires authenticated access to the vulnerable server (according to Microsoft, the Microsoft Exchange Servers 2013, 2016 and 2019).

The migration measures listed in the Microsoft blog (for example, disabling access to Powershell for unprivileged users) should be implemented as soon as possible by customers with on-premise solutions, as there is currently no known security update that fixes the vulnerability. According to Microsoft, users of Microsoft Exchange Online are not affected.

The severity of the vulnerability

In the Common Vulnerability Scoring System (CVSS), the vulnerabilities were rated as “high” and “medium” with a severity score of 8.8 and 6.3 out of 10, respectively. Since the vulnerabilities are already being actively exploited by attackers, there is also an increased risk of compromise for German institutions.

Sustainable protection of your IT Networks

If you want to know which systems in your network are (still) vulnerable to vulnerabilities – including the ProxyNotShell vulnerability – our vulnerability management helps you. It is used in systems that must be patched or otherwise protected in any case. Depending on the type of systems and vulnerabilities, they can be found better or worse. The detection is also constantly improving and being updated. New gaps are found. Therefore, there may always be more systems with vulnerabilities in the network. Therefore, it is worthwhile to regularly update and scan all systems. The Greenbone vulnerability management offers corresponding automation functions for this.

Our vulnerability management offers the best protection

Vulnerability management is an indispensable part of IT security. It can find risks and provides valuable information on how to eliminate them. However, no single measure offers 100% security, not even vulnerability management. To make a system secure, many systems are used, which in their entirety should provide the best possible security.


Contact Free Trial Buy Here Back to Overview

/by
Robin Saatkamp

Holistische LPs

a:7:{s:8:”location”;a:1:{i:0;a:1:{i:0;a:3:{s:5:”param”;s:9:”post_type”;s:8:”operator”;s:2:”==”;s:5:”value”;s:8:”holistic”;}}}s:8:”position”;s:6:”normal”;s:5:”style”;s:7:”default”;s:15:”label_placement”;s:3:”top”;s:21:”instruction_placement”;s:5:”label”;s:14:”hide_on_screen”;a:1:{i:0;s:11:”the_content”;}s:11:”description”;s:0:””;}

/by
Robin Saatkamp

Holistische LPs Sidemenü

a:7:{s:8:”location”;a:1:{i:0;a:1:{i:0;a:3:{s:5:”param”;s:9:”post_type”;s:8:”operator”;s:2:”==”;s:5:”value”;s:8:”holistic”;}}}s:8:”position”;s:4:”side”;s:5:”style”;s:7:”default”;s:15:”label_placement”;s:3:”top”;s:21:”instruction_placement”;s:5:”label”;s:14:”hide_on_screen”;s:0:””;s:11:”description”;s:0:””;}

/by