vulnerability management

Behind the scenes of cURL with its founder: Releases, updates, and security
In this Help Net Security interview, Daniel Stenberg, lead developer od cURL, discusses how the widely used tool remains secure across billions of devices, from cloud services …

Cutting through CVE noise with real-world threat signals
CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall …

The top CTEM platforms you should know in 2025
Continuous Threat Exposure Management (CTEM) is a cybersecurity strategy originally coined by Gartner analysts, which focuses on identifying, prioritizing, validating, and …

Energy companies are blind to thousands of exposed services
Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from …

CISOs say they’re prepared, their data says otherwise
Most security teams believe they can act quickly when a threat emerges. But many don’t trust the very data they rely on to do so, and that’s holding them back. A new Axonius …

Why we must go beyond tooling and CVEs to illuminate security blind spots
In April, the cybersecurity community held its breath as the Common Vulnerabilities and Exposures (CVE) program was plunged into a moment of existential crisis. In the end, an …

Exposure management is the answer to: “Am I working on the right things?”
In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain …

Exposed and unaware? Smart buildings need smarter risk controls
75% of organizations have building management systems (BMS) affected by known exploited vulnerabilities (KEVs), according to Claroty.

48% of security pros are falling behind compliance requirements
32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are …

NIST proposes new metric to gauge exploited vulnerabilities
NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and …

What a future without CVEs means for cyber defense
The importance of the MITRE-run Common Vulnerabilities and Exposures (CVE) Program shouldn’t be understated. For 25 years, it has acted as the point of reference for …

What it really takes to build a resilient cyber program
In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up …