The CyberRisk Summit is back: Join us on Dec 6. as we recap the cyber risk landscape in 2022 | Get free ticket >> 

Live webinar, Oct 13: Attend to learn how you can deduplicate vulnerability and deliver a smarter approach to cyber risk management  | Register  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

How to fix CVE-2022-32893 and CVE-2022-32894 in Apple

Over the weekend, the security industry faced two critical zero-days for Apple products. Both CVE-2022-32893 and CVE-2022-32894 could potentially lead to remote code execution on Apple devices and should be urgently addressed. Let’s explore what we know so far, and the steps you should follow to mitigate the risk. What are CVE-2022-32893 and CVE-2022-32894? The… Continue reading How to fix CVE-2022-32893 and CVE-2022-32894 in Apple

Risk based security: what is it?

Today, teams struggle to manage and mitigate cyber risk, contending with IT environments that sprawl increasingly across siloed teams, tools, and technologies. In short, risk-based security is getting harder.   Traditional vulnerability management was hard enough. Keeping on-premises servers and hosts secure required the sustained efforts of security teams working to prioritize and fix those vulnerabilities… Continue reading Risk based security: what is it?

Most risk-based vulnerability management programs are ineffective

Latest research shows IT security teams are not doing enough to correlate vulnerability data with actual business risk leaving organizations exposed. TEL AVIV, Israel — December 16, 2021 — According to a Vulcan Cyber survey of more than 200 enterprise IT and security executives conducted by Pulse, 86% of respondents rely on third-party vulnerability severity… Continue reading Most risk-based vulnerability management programs are ineffective