{"id":28245,"date":"2019-08-05T12:56:00","date_gmt":"2019-08-05T12:56:00","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/"},"modified":"2019-08-05T12:56:00","modified_gmt":"2019-08-05T12:56:00","slug":"is-your-enterprise-software-committing-security-malpractice","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/","title":{"rendered":"Is your enterprise software committing security malpractice?"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2018\/03\/cybersecurity_eye-with-binary_face-recognition_abstract-eye-100751589-large.3x2.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Back when this blog was dedicated to all things Microsoft I routinely railed against the spying aspects of Windows 10. Well, apparently that\u2019s nothing compared to what enterprise security, analytics, and hardware management tools are doing.<\/p>\n<p>An analytics firm called ExtraHop examined the networks of its customers and found that their security and analytic software was quietly uploading information to servers outside of the customer&#8217;s network. The company issued a <a href=\"https:\/\/www.extrahop.com\/company\/press-releases\/2019\/extrahop-issues-warning-about-phoning-home\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\">report and warning<\/a>&nbsp;last week.<\/p>\n<p>ExtraHop deliberately chose not to name names in its four examples of enterprise security tools that were sending out data without warning the customer or user. A spokesperson for the company told me via email, \u201cExtraHop wants the focus of the report to be the trend, which we have observed on multiple occasions and find alarming. Focusing on a specific group would detract from the broader point that this important issue requires more attention from enterprises.\u201d<\/p>\n<aside class=\"fakesidebar\"><strong>[ For more on IoT security, read <a href=\"https:\/\/www.networkworld.com\/article\/3254185\/internet-of-things\/tips-for-securing-iot-on-your-network.html#nww-fsb\">tips to securing IoT on your network<\/a> and <a href=\"https:\/\/www.networkworld.com\/article\/3269184\/10-best-practices-to-minimize-iot-security-vulnerabilities#nww-fsb\">10 best practices to minimize IoT security vulnerabilities<\/a>. | Get regularly scheduled insights by <a href=\"https:\/\/www.networkworld.com\/newsletters\/signup.html#nww-fsb\">signing up for Network World newsletters<\/a>. ]<\/strong><\/aside>\n<h2>Products committing security malpractice and secretly transmitting data offsite<\/h2>\n<p><a href=\"https:\/\/www.extrahop.com\/resources\/whitepapers\/eh-security-advisory-calling-home-success\/\" rel=\"noopener nofollow noreferrer\" target=\"_blank\">ExtraHop&#8217;s report<\/a> found a pretty broad range of products secretly phoning home, including endpoint security software, device management software for a hospital, surveillance cameras, and security analytics software used by a financial institution. It also noted the applications may run afoul of Europe\u2019s <a href=\"https:\/\/www.csoonline.com\/article\/3202771\/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html\" rel=\"noopener noreferrer\" target=\"_blank\">General Data Privacy Regulation (GDPR)<\/a>.<\/p>\n<p>In every case, ExtraHop provided evidence that the software was transmitting data offsite. In one case, a company noticed that approximately every 30 minutes, a network-connected device was sending UDP traffic out to a known bad IP address. The device in question was a Chinese-made security camera that was phoning home to a known \u200bmalicious IP address\u200b with ties to China.<\/p>\n<p>And the camera was likely set up independently by an employee at their office for personal security purposes, showing the downside to shadow IT.<\/p>\n<aside class=\"nativo-promo nativo-promo-1 smartphone\" id><\/aside>\n<p>In the cases of the hospital&#8217;s device management tool and the financial firm&#8217;s analytics tool, those were violations of data security laws and could expose the company to legal risks even though it was happening without their knowledge.<\/p>\n<aside id=\"fsb-2599\" class=\"fakesidebar fakesidebar-auto fakesidebar-sponsored\"><strong>[ <a href=\"https:\/\/pluralsight.pxf.io\/c\/321564\/424552\/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fcertified-information-systems-security-professional-cisspr\" rel=\"nofollow\">Prepare to become a Certified Information Security Systems Professional with this comprehensive online course from PluralSight. Now offering a 10-day free trial!<\/a> ]<\/strong><\/aside>\n<p>The hospital\u2019s medical device management product was supposed to use the hospital\u2019s Wi-Fi network to only ensure patient data privacy and HIPAA compliance. ExtraHop noticed traffic from the workstation that was managing initial device rollout was opening encrypted SSL:443 connections to vendor-owned cloud storage, a major HIPAA violation.<\/p>\n<aside class=\"nativo-promo nativo-promo-1 tablet desktop\" id><\/aside>\n<p>ExtraHop notes that while there may not be any malicious activity in these examples, it is still in violation of the law, and administrators need to keep an eye on their networks to monitor traffic for unusual activity.<\/p>\n<p>&#8220;To be clear, we don\u2019t know why these vendors are phoning home data. The companies are all respected security and IT vendors, and in all likelihood, their phoning home of data was either for a legitimate purpose given their architecture design or the result of a misconfiguration,&#8221; the report says.<\/p>\n<h2>How to mitigate phoning-home security risks<\/h2>\n<p>To address this security malpractice problem, ExtraHop suggests companies do these five things:<\/p>\n<ul>\n<li>Monitor for vendor activity: Watch for unexpected vendor activity on your network, whether they are an active vendor, a former vendor or even a vendor post-evaluation.<\/li>\n<li>Monitor egress traffic: Be aware of egress traffic, especially from sensitive assets such as domain controllers. When egress traffic is detected, always match it to approved applications and services.<\/li>\n<li>Track deployment: While under evaluation, track deployments of software agents.<\/li>\n<li>Understand regulatory considerations: Be informed about the regulatory and compliance considerations of data crossing political and geographic boundaries.<\/li>\n<li>Understand contract agreements: Track whether data is used in compliance with vendor contract agreements.<\/li>\n<\/ul>\n<aside class=\"fakesidebar\"><strong>[ Now read this: <a href=\"https:\/\/www.networkworld.com\/article\/3269165\/internet-of-things\/a-corporate-guide-to-addressing-iot-security-concerns.html\">Network World&#8217;s corporate guide to addressing IoT security<\/a>&nbsp;]<\/strong><\/aside>\n<div class=\"end-note\">\n<div id class=\"blx blxParticleendnote blxM2005 blox4_html blxC23909\">Join the Network World communities on <a href=\"https:\/\/www.facebook.com\/NetworkWorld\/\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a> and <a href=\"https:\/\/www.linkedin.com\/company\/network-world\" target=\"_blank\" rel=\"noopener noreferrer\">LinkedIn<\/a> to comment on topics that are top of mind.<\/div>\n<\/div>\n<p>READ MORE <a href=\"https:\/\/www.networkworld.com\/article\/3429559\/is-your-enterprise-software-committing-security-malpractice.html#tk.rss_security\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\nBack when this blog was dedicated to all things Microsoft I routinely railed against the spying aspects of Windows 10. Well, apparently that\u2019s nothing compared to what enterprise security, analytics, and hardware management tools are doing.An analytics firm called ExtraHop examined the networks of its customers and found that their security and analytic software was quietly uploading information to servers outside of the customer&#8217;s network. The company issued a report and warning\u00a0last week.ExtraHop deliberately chose not to name names in its four examples of enterprise security tools that were sending out data without warning the customer or user. A spokesperson for the company told me via email, \u201cExtraHop wants the focus of the report to be the trend, which we have observed on multiple occasions and find alarming. Focusing on a specific group would detract from the broader point that this important issue requires more attention from enterprises.\u201dTo read this article in full, please click here READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":28246,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[738],"tags":[376,1061,307],"class_list":["post-28245","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-networkworld","tag-internet-of-things","tag-network-security","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Is your enterprise software committing security malpractice? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Is your enterprise software committing security malpractice? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-05T12:56:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/08\/is-your-enterprise-software-committing-security-malpractice.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Is your enterprise software committing security malpractice?\",\"datePublished\":\"2019-08-05T12:56:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/\"},\"wordCount\":686,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/is-your-enterprise-software-committing-security-malpractice.jpg\",\"keywords\":[\"Internet of Things\",\"Network Security\",\"Security\"],\"articleSection\":[\"Networkworld\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/\",\"name\":\"Is your enterprise software committing security malpractice? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/is-your-enterprise-software-committing-security-malpractice.jpg\",\"datePublished\":\"2019-08-05T12:56:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/is-your-enterprise-software-committing-security-malpractice.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/is-your-enterprise-software-committing-security-malpractice.jpg\",\"width\":1200,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/is-your-enterprise-software-committing-security-malpractice\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Internet of Things\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/internet-of-things\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Is your enterprise software committing security malpractice?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Is your enterprise software committing security malpractice? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/","og_locale":"en_US","og_type":"article","og_title":"Is your enterprise software committing security malpractice? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-08-05T12:56:00+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/08\/is-your-enterprise-software-committing-security-malpractice.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Is your enterprise software committing security malpractice?","datePublished":"2019-08-05T12:56:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/"},"wordCount":686,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/08\/is-your-enterprise-software-committing-security-malpractice.jpg","keywords":["Internet of Things","Network Security","Security"],"articleSection":["Networkworld"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/","url":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/","name":"Is your enterprise software committing security malpractice? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/08\/is-your-enterprise-software-committing-security-malpractice.jpg","datePublished":"2019-08-05T12:56:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/08\/is-your-enterprise-software-committing-security-malpractice.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/08\/is-your-enterprise-software-committing-security-malpractice.jpg","width":1200,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/is-your-enterprise-software-committing-security-malpractice\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Internet of Things","item":"https:\/\/www.threatshub.org\/blog\/tag\/internet-of-things\/"},{"@type":"ListItem","position":3,"name":"Is your enterprise software committing security malpractice?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/28245","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=28245"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/28245\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/28246"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=28245"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=28245"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=28245"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}