The BIGGEST CVEs of Q1 2024: Get the quarterly report

Attack surface management: A practitioner’s guide

Vulcan Cyber helped an enterprise payment platform reduce critical risk by 50% | Learn how >>

Vulcan Cyber named a RBVM Leader by The OMDIA Universe >>

GET A DEMO

The BIGGEST CVEs of Q1 2024: Get the quarterly report

Attack surface management: A practitioner’s guide

Vulcan Cyber helped an enterprise payment platform reduce critical risk by 50% | Learn how >>

Vulcan Cyber named a RBVM Leader by The OMDIA Universe >>

GET A DEMO

Author: Derek Hays

When the numbers don’t add up: the problem with CVSS scores

Common Vulnerability Scoring System (CVSS) scores are often the first ratings people see for a newly released vulnerability. It’s a good starting point. But there are often times when the CVSS score either doesn’t reflect the real risk or, more to the point, doesn’t reflect the risk to a particular organization. With that in mind,… Continue reading When the numbers don’t add up: the problem with CVSS scores

The problem with Google’s new .zip top-level domains

It would be fair to say that the modern internet exists because the Domain Name System (DNS) has made it possible for people to easily find whatever it is they may be looking for. Over the years, everyone became familiar with the most common domains: .com, .net, .org, .edu, .gov., and the various state and… Continue reading The problem with Google’s new .zip top-level domains

What the AI revolution means for cyber risk

The product is thoroughly pizzled. OpenAI’s release of ChatGPT has gotten a lot of attention lately, and we’ve written about it here at Vulcan Cyber® as well. While it’s certainly a fascinating application of their underlying GPT-3 engine, it’s unlikely to be the major security threat some have made it out to be. At least… Continue reading What the AI revolution means for cyber risk

Threat actors are hunting for good hooks. The SVB collapse is a great one. 

Silicon Valley Bank (SVB) collapsed on Marth 10th, 2023, less than two weeks before this writing. It’s the second-largest bank collapse in US history, and the worst since the financial crisis of 2007-2008. The repercussions have been felt worldwide, as SVB was widely used across the tech sector internationally. There have already been serious issues… Continue reading Threat actors are hunting for good hooks. The SVB collapse is a great one. 

CISA launches Ransomware Vulnerability Warning Pilot program (RVWP) for critical infrastructure

On March 13th, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) put out a press release on their establishing the Ransomware Vulnerability Warning Pilot program (RVWP) which was authorized by the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022. The aim of this pilot program is to proactively inform participating organizations that CISA… Continue reading CISA launches Ransomware Vulnerability Warning Pilot program (RVWP) for critical infrastructure

The Biden Administration National Cybersecurity Strategy – A practitioner’s take

This blog post is a practitioner’s take (my take) on the Biden administration National Cybersecurity Strategy, which is a solid effort to codify go-forward cybersecurity strategy, while at times lacking in a realistic path to execute on certain objectives. Focusing on five main pillars, it lays out a strategy to help establish incentives and responsibility… Continue reading The Biden Administration National Cybersecurity Strategy – A practitioner’s take

ChatGPT: An opportunity, or a threat? Part 1

Our new AI overlords?  If you ask ChatGPT, the new AI chat, to give you an example of code that will, say, “find <this> kind of file on a system, send those files to a remote system, then encrypt the files” it will deliver. If you ask it to obfuscate that code and give it… Continue reading ChatGPT: An opportunity, or a threat? Part 1

Vulnerability Clusters with Vulcan Cyber

As everyone in cybersecurity knows, one of the biggest obstacles to identifying and remediating threats quickly is the sheer volume of data to sift through. Duplicate data is a common cause of wasted effort and, particularly in larger environments, this can cause significant time delays and critical setbacks to mitigation. Vulnerability and risk management data… Continue reading Vulnerability Clusters with Vulcan Cyber

Cyber risk – enter the stage manager

Cyber security can be a complex beast. There are dozens of moving parts, competing interests, short timelines, potentially high stakes, personalities in play, and a host of other players, all trying to please a demanding and sometimes fickle audience. What’s worse, people in cybersecurity have to do all this under the constant external pressure of… Continue reading Cyber risk – enter the stage manager

What is cyber risk? Essential terminology

Few companies today can get by without an online presence. And just as you wouldn’t leave a physical storefront or office unlocked, businesses also need to ensure that their online services are secure from intruders. But if you’re not an expert yourself, but involved in any part of the cybersecurity lifecycle, you’re likely finding yourself… Continue reading What is cyber risk? Essential terminology

PLATFORM

Platform Overview

Connectors

Vulcan Free

Pricing

Compare

Vulnerability Aggregation

Vulnerability Correlation

Vulnerability Intelligence

Vulnerability Prioritization

Management Orchestration

Collaborative Security

Risk Reporting

SOLUTIONS

Exposure Management

Risk-Based Vulnerability Management

Application Vulnerability Management

Cloud Vulnerability Management

Financial Services

Federal Organizations

Retail Industry

MSSPs

CYBER RISK HUB

Blog

Resources

Vulnerability Management Basics

Voyager18 Research

MITRE Mapper

CyberRisk Summit

COMPANY

About

Careers

Become a Partner

Deal Registration

Awards and Recognition

Contact Us

REQUEST A DEMO

Copyright © 2024 Vulcan Cyber. All rights reserved. Privacy Policy | Terms of Use