The CyberRisk Summit is back: Join us on Dec 6. as we recap the cyber risk landscape in 2022 | Get free ticket >> 

Live webinar, Oct 13: Attend to learn how you can deduplicate vulnerability and deliver a smarter approach to cyber risk management  | Register  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

CWE top 25 most dangerous software weaknesses in 2022 – what they mean

As application development accelerates, so must security within this environment. Fortunately, there are many tools and resources to help security teams navigate the increasing threatscape of application security, not least from MITRE, who have released their latest list of software vulnerabilities.  Here’s everything you need to know about the 2022 CWE top 25 most dangerous… Continue reading CWE top 25 most dangerous software weaknesses in 2022 – what they mean

The MITRE ATT&CK framework and more – introducing Voyager18

Spend any time in cyber security, and you’ll know how deep the vulnerability rabbit hole goes. Log4j. Spring4shell. Follina. The list goes on and on and on. Security researchers and bug bounty hunters trawl the sprawling wild west of application, network, and cloud environments, in search of the critical openings that might let an attacker… Continue reading The MITRE ATT&CK framework and more – introducing Voyager18

The most common CVEs (and how to fix them)

Every year, MITRE adds thousands of new entries to their Common Vulnerabilities and Exposures (CVE) list. With only a few exceptions, the number of vulnerabilities posted to the list has gone up almost every year, with over four thousand posted already in 2022.  That’s not to say that all CVEs are going to lead to… Continue reading The most common CVEs (and how to fix them)