vulnerability assessment
MythBusters: What pentesting is (and what it is not)
You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security …
When it comes to vulnerability triage, ditch CVSS and prioritize exploitability
When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …
How important are vulnerability management investments for a cybersecurity posture?
Vulnerability management (VM) technology addresses the threat landscape, which is in a constant state of flux. The wider dispersal of endpoints across private and public cloud …
HP expands its Bug Bounty Program to focus on office-class print cartridge security vulnerabilities
HP has expanded its Bug Bounty Program to focus specifically on office-class print cartridge security vulnerabilities. The program underscores HP’s commitment to delivering …
Review: ThreadFix 3.0
Maintaining a strong organizational security posture is a demanding task. Most best practices – e.g. CIS Controls, the OWASP Vulnerability Management Guide – …
Qualys VMDR: Discover, prioritize, and patch critical vulnerabilities in real time
In this podcast, Prateek Bhajanka, VP of Product Management, Vulnerability Management, Detection and Response at Qualys, discusses how you can significantly accelerate an …
High-risk vulnerabilities and public cloud-based attacks on the rise
A sharp increase (57%) in high-risk vulnerabilities drove the threat index score up 8% from December 2019 to January 2020, according to the Imperva Cyber Threat Index. …
Which vulnerabilities were most exploited by cybercriminals in 2019?
Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Table of top exploited CVEs between 2016 and 2019 (repeats are noted by …
CVE gap widens: 16,738 vulnerabilities disclosed during the first nine months of 2019
Risk Based Security’s VulnDB team aggregated 16,738 newly-disclosed vulnerabilities during the first three quarters of 2019 which surpassed CVE/NVD by 5,970 during the same …
When is the right time to red team?
“It takes a thief to catch a thief.” Despite being hundreds of years old, this idiom holds perfectly true for that most modern of thieves, the cybercriminal. With …
How mainstream media coverage affects vulnerability management
For better or for worse, mainstream media is increasingly covering particularly dangerous, widespread or otherwise notable security vulnerabilities. The growing coverage has …
Researchers working on tools that aim to eliminate computer bugs
It’s bad enough losing an hour’s work when your computer crashes – but in settings like healthcare and aviation, software glitches can have far more serious consequences. In …
Featured news
Resources
Don't miss
- How military leadership prepares veterans for cybersecurity success
- Fighting fraud with AI: The new identity security playbook
- Brute-force attacks hammer Fortinet devices worldwide
- For $40, you can buy stolen police and government email accounts
- Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)