New Google vulnerability: Learn about zero-day CVE-2022-3075 in Chorme web browser  | Fix now >> 

The CyberRisk Summit on-demand: Watch the latest #CRS anytime, anywhere | Watch now  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

Enterprise Security: Deja Vu All Over Again?

The 1990s: When Remediation was Simple Back in the 1990s, every company’s network was fairly self-contained, using relatively few third-party programs with little direct contact with the developing internet, especially during work hours. Corporate email domains were completely separate from personal ones, such as AOL, Yahoo! mail or invitation-only Gmail. 

How Dangerous is a Zero-Day Threat?

There’s a buzz in the vulnerability management market surrounding solutions to protect against Zero Day vulnerabilities – vulnerabilities that were previously unknown with no vendor patch available. While some may paint a picture of hoards of hackers looking to exploit undiscovered flaws, security teams must ask themselves: is focusing on Zero Day attacks really the… Continue reading How Dangerous is a Zero-Day Threat?

Cyber Threat Intelligence – Answer to the Biggest Questions

A key part of any risk assessment framework, vulnerability intelligence enables organizations to consider the broader picture when assessing a given vulnerability or set of vulnerabilities. Vulnerability intelligence providers consolidate data from multiple sources – both external and internal – and then offer a contextualized assessment of organizational risk. This can drastically tip the scales… Continue reading Cyber Threat Intelligence – Answer to the Biggest Questions

A New Approach to Risk-Based Vulnerability Management

The question of remediating every single vulnerability is moot. Given the massive amounts of vulnerabilities being disclosed every month, it’s logistically and organizationally unfeasible. At the enterprise level, even the largest IT team simply can’t handle all the vulnerabilities out there – nor, in truth do they need to.