vulnerability management

Why we must go beyond tooling and CVEs to illuminate security blind spots
In April, the cybersecurity community held its breath as the Common Vulnerabilities and Exposures (CVE) program was plunged into a moment of existential crisis. In the end, an …

Exposure management is the answer to: “Am I working on the right things?”
In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain …

Exposed and unaware? Smart buildings need smarter risk controls
75% of organizations have building management systems (BMS) affected by known exploited vulnerabilities (KEVs), according to Claroty.

48% of security pros are falling behind compliance requirements
32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are …

NIST proposes new metric to gauge exploited vulnerabilities
NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and …

What a future without CVEs means for cyber defense
The importance of the MITRE-run Common Vulnerabilities and Exposures (CVE) Program shouldn’t be understated. For 25 years, it has acted as the point of reference for …

What it really takes to build a resilient cyber program
In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up …

Review: Effective Vulnerability Management
Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the …

Investing in security? It’s not helping you fix what matters faster
Automation and structured collaboration have a strong, positive influence on the efficiency of vulnerability management, according to Seemplicity. However, manual processes, …

Securing digital products under the Cyber Resilience Act
In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in …

Microsoft vulnerabilities: What’s improved, what’s at risk
Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the …

Funding uncertainty may spell the end of MITRE’s CVE program
The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal …