System hardening minimizes security risk by removing possible attack vectors and shrinking a system’s attack surface. Here's everything you need to know about CIS benchmarks.

2021 was the biggest year yet for vulnerabilities - how are organizations staying on top of their security programs?

The unprecedented log4j vulnerabilities caused widespread panic across the cyber security world, and brought significant operational challenges to teams scrambling to mitigate the risk. Here's what we learned.

As 2021 comes to an end, we must reflect on what we did well, what we can improve, and what simply needs to change when it comes to cyber risk.

As the year ends, cyber vulnerabilities are showing no sign of letting up. Here are just three of the most talked about CVEs for Q4 2021 - together with how to fix them.

December 2021's Remediation Summit covered all things cyber risk, bringing together the leading minds and technologies working on managing, mitigating and reducing risk. Here are seven things we learned.

The latest research from Vulcan Cyber reveals vulnerability management programs have work to do to achieve risk-based prioritization.

How do cyber security teams prioritize their cyber risk? Our latest survey with Pulse has some surprising results, along with things we already knew.

The log4shell vulnerability is gaining momentum and demands our attention. Here are some further mitigation actions to follow our previous blog.

Log4shell has emerged as a nightmare for organizations scrambling to make sense of this critical zero-day vulnerability. Here's what you need to know.

CISA and NIST are trusted sources for vulnerability information. But it's a mistake to rely on them exclusively for prioritization or risk mitigation efforts. Here's why their latest reports are nothing more than a good start.

We've changed our messaging to better help companies change the way they look at cyber risk. Here's what's different.