The CyberRisk Summit is back: Join us on Dec 6. as we recap the cyber risk landscape in 2022 | Get free ticket >> 

Live webinar, Oct 13: Attend to learn how you can deduplicate vulnerability and deliver a smarter approach to cyber risk management  | Register  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

What is the BootHole Vulnerability (CVE-2020-10713)?

TL;DR The BootHole vulnerability is not critical (yet), but it could potentially effect billions of devices worldwide. Exploiting it requires high privileges or physical access. Now while there are no full patches available at this time, we’ve written this blog, and published this episode of The Vulnerability Report, to help you detect vulnerable devices, mitigate the… Continue reading What is the BootHole Vulnerability (CVE-2020-10713)?

The Staggering Growth in Vulnerability Disclosure, 2010 – 2018

With the end of the year, it’s prime time to reflect on vulnerability trends since the start of the decade.

A Closer Look at Vulnerability Disclosure Policy

While technology companies aim to ensure that their products are watertight, the fact of the matter is that security vulnerabilities are discovered. But how they deal with these discoveries varies considerably. The question is: should technology vendors keep vulnerabilities quiet or make them known?