Solving the systemic problem of recurring vulnerabilities

In this Help Net Security video, Dr. Pedram Hayati, CEO at SecDim, and Fil Filiposki, founder of AttackForge, discuss how the two companies have formed a strategic collaboration to tackle the major challenge of resurfacing vulnerabilities. By integrati…

AI’s role in accelerating vulnerability management

With its capability to analyze, predict, and automate, AI stands to reshape many corners of business, most notably cybersecurity. In the field of vulnerability management specifically, AI is poised to have a profound impact, enhancing two key areas: Pr…

How to manage a lot of vulnerability scanners from CICD Pipelines?

My company has a lot of projects and uses various vulnerability scanners (e.g. Trivy, npm audit, SAST,…) in different stages in each of them.
The problem is now that although they run well, it’s not easy to keep the overview over each of…

NIST says NVD will be back on track by September 2024

The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Common Vulnerabilities and Exposures (CVEs) for inclusion in the National Vulnerability Database (NVD), t…

HHS pledges $50M for autonomous vulnerability management solution for hospitals

As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency for…

Cybersecurity analysis exposes high-risk assets in power and healthcare sectors

Traditional approaches to vulnerability management result in a narrow focus of the enterprise attack surface area that overlooks a considerable amount of risk, according to Claroty. Organizations must take a holistic approach to exposure management To …

Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics

AI PCs could soon see organisations invest in whole fleets of new managed devices, but Absolute Security data shows they are failing to maintain endpoint protection and patching the devices they have.

Critical vulnerabilities take 4.5 months on average to remediate

Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA’s deadlines, according to Bitsight. Organizations struggle t…

Regulators are coming for IoT device security

Cybersecurity is a relatively new challenge for many IoT device makers who have traditionally produced non-connected devices. These devices were less vulnerable to exploitation and, as a result, manufacturers often lack the expertise and experience nee…