{"id":14778,"date":"2026-05-15T01:25:02","date_gmt":"2026-05-15T01:25:02","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=14778"},"modified":"2026-05-15T01:25:02","modified_gmt":"2026-05-15T01:25:02","slug":"qa-why-vulnerability-scans-are-giving-companies-a-false-sense-of-safety","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=14778","title":{"rendered":"Q&A: Why Vulnerability Scans Are Giving Companies a False Sense of Safety"},"content":{"rendered":"


\n<\/p>\n

\n

Phillip Wylie is an internationally\u00a0<\/span>recognised cybersecurity professional<\/span>, moral hacker and offensive safety specialist with greater than 28 years\u2019 expertise throughout IT, community safety, software safety, penetration testing, crimson\u00a0teaming\u00a0and social engineering.<\/span>\u00a0<\/span><\/p>\n

\n

\n \"\"
\n <\/a><\/div>\n<\/div>\n

As co-author of The Pentester BluePrint, founding father of The Pwn College Challenge and host of The Phillip Wylie Present, Phillip has constructed his profession round making complicated safety dangers simpler to grasp with out stripping away the technical actuality. His work focuses on the gaps organisations miss once they rely too closely on surface-level testing, compliance\u00a0checks\u00a0or safety consciousness campaigns.<\/span>\u00a0<\/span><\/p>\n

On this interview with the IT Safety Guru, through the <\/span>Cyber Safety Audio system Company<\/span><\/a>, Phillip discusses why vulnerability scanning is just not sufficient, how attackers are exploiting neglected gadgets equivalent to cameras,\u00a0printers\u00a0and IoT methods, and why safety groups want to grasp risk behaviour as\u00a0a lot\u00a0as defensive know-how in the event that they need to keep forward.<\/span>\u00a0<\/span><\/p>\n

The place do organisations most frequently suppose they\u2019re\u00a0safe, however\u00a0aren\u2019t?\u00a0<\/strong><\/h5>\n

\u201cI feel there\u2019s a pair various things. One is their vulnerability administration programme, the place they\u2019re doing their vulnerability scanning. They suppose that\u2019s sufficient, or with pen testing, they\u2019re not utilizing all of the completely different strategies to check.<\/span>\u00a0<\/span><\/p>\n

\u201cSome\u00a0instances firms will use software program that do social engineering or, you understand, phishing campaigns, however what occurs with these, they\u00a0don\u2019t\u00a0have a payload in them.\u00a0So,\u00a0they\u2019re\u00a0actually simply\u00a0testing safety consciousness.<\/span>\u00a0<\/span><\/p>\n

\u201cWhereas that\u2019s good, you actually have to be testing utilizing a payload to see what occurs if somebody unintentionally clicks on a kind of hyperlinks that they shouldn\u2019t click on on.\u201d<\/span>\u00a0<\/span><\/p>\n

How do attackers adapt to new applied sciences\u00a0quicker than most organisations safe them?\u00a0<\/strong><\/h5>\n

\u201cProperly, this one-off what impacts that is risk actors need to proceed to alter the way in which they do issues. It\u2019s getting tougher to get into organisations.<\/span>\u00a0<\/span><\/p>\n

\u201cOne instance was the Akira ransomware. They\u00a0weren\u2019t\u00a0in a position to get a foothold within the setting.\u00a0So,\u00a0risk actors are going to exterior gadgets like internet safety cameras and printers and completely different IoT related gadgets.<\/span>\u00a0<\/span><\/p>\n

\u201cSo,\u00a0they have been in a position to go in, hack that system after which do a shared connection to one of many inner methods after which set up the ransomware.<\/span>\u00a0<\/span><\/p>\n

\u201cSo,\u00a0they\u2019re consistently having to change the way in which they\u2019re doing issues as a result of individuals are getting higher about defending them.\u201d<\/span>\u00a0<\/span><\/p>\n

How can safety groups keep forward of evolving threats with out slowing down innovation or progress?\u00a0<\/strong><\/h5>\n

\u201cIt\u2019s type of twofold. Training, you understand, being educated on the most recent varieties of defensive methods in addition to studying how the risk actors are attacking.<\/span>\u00a0<\/span><\/p>\n

\u201cSo, that is completed by means of programs, schooling, webinars, in addition to cyber risk intelligence.<\/span>\u00a0<\/span><\/p>\n

\u201cSo,\u00a0if\u00a0you\u2019re\u00a0maintaining with cyber risk intelligence and the most recent information,\u00a0you\u2019re\u00a0in a position to see what the risk actors are utilizing to use organisations.\u00a0So,\u00a0you\u2019re\u00a0in a position to\u00a0type of keep\u00a0forward of the sport.\u201d<\/span>\u00a0<\/span><\/p>\n

What do you hope individuals take away out of your public speeches?\u00a0<\/strong><\/h5>\n

\u201cOne of many issues I get lots is I\u2019m in a position to clarify complicated subjects the place individuals can perceive it.<\/span>\u00a0<\/span><\/p>\n

\u201cSo,\u00a0after I give my speeches, I need individuals to have the ability to perceive and study one thing from that and luxuriate in it as effectively.<\/span>\u00a0<\/span><\/p>\n

\u201cI like for my shows to be fulfilling and never boring.\u00a0So,\u00a0one of many foremost issues I need them is to return away studying one thing.\u201d<\/span>\u00a0<\/span><\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":"

Phillip Wylie is an internationally\u00a0recognised cybersecurity professional, moral hacker and offensive safety specialist with greater than 28 years\u2019 expertise throughout IT, community safety, software safety, penetration testing, crimson\u00a0teaming\u00a0and social engineering.\u00a0 As co-author of The Pentester BluePrint, founding father of The Pwn College Challenge and host of The Phillip Wylie Present, Phillip has constructed his profession […]<\/p>\n","protected":false},"author":2,"featured_media":14780,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[364,6796,5808,3443,211,7393,1061],"class_list":["post-14778","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-businesses","tag-false","tag-giving","tag-scans","tag-security","tag-sense","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14778","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14778"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14778\/revisions"}],"predecessor-version":[{"id":14779,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14778\/revisions\/14779"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/14780"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14778"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14778"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14778"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}