Please turn on your JavaScript for this page to function normally.

vulnerability management

Eye
How new and old security threats keep persisting

Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working, according to Cymulate. Security …

NIS2
Preparing for the NIS2 Directive

The EU’s NIS Directive (Directive on security of network and information systems) was established to create a higher level of cybersecurity and resilience within …

CVE
CVE count set to rise by 25% in 2024

The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …

CVSS
Does CVSS 4.0 solve the exploitability problem?

The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is …

vulnerability
The effect of omission bias on vulnerability management

Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has …

Michael Gorelik
Creating a formula for effective vulnerability prioritization

In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik …

Kubescape
Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this …

EU
Organizations rethink cybersecurity investments to meet NIS Directive requirements

Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% …

network
Mainframes are around to stay, it’s time to protect them

While many organizations run their core business applications on the mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, …

lock
Vulnerability management metrics: How to measure success

Without the right metrics, vulnerability management is pretty pointless. If you’re not measuring, how do you know it’s working? So how do you know what to focus on? The list …

OT
Scaling rapidly? Your application security strategies need to keep up

Modern application security strategies must support and enable modern software development, even as it rapidly scales, according to Mend.io. Just 52% of companies can …

danger
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …

Don't miss

Cybersecurity news