Please turn on your JavaScript for this page to function normally.

vulnerability management

NIST’s NVD has encountered a problem

Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and …

How new and old security threats keep persisting

Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working, according to Cymulate. Security …

Preparing for the NIS2 Directive

The EU’s NIS Directive (Directive on security of network and information systems) was established to create a higher level of cybersecurity and resilience within …

CVE count set to rise by 25% in 2024

The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …

Does CVSS 4.0 solve the exploitability problem?

The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is …

The effect of omission bias on vulnerability management

Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has …

Michael Gorelik
Creating a formula for effective vulnerability prioritization

In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik …

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this …

Organizations rethink cybersecurity investments to meet NIS Directive requirements

Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% …

Mainframes are around to stay, it’s time to protect them

While many organizations run their core business applications on the mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, …

Vulnerability management metrics: How to measure success

Without the right metrics, vulnerability management is pretty pointless. If you’re not measuring, how do you know it’s working? So how do you know what to focus on? The list …

Scaling rapidly? Your application security strategies need to keep up

Modern application security strategies must support and enable modern software development, even as it rapidly scales, according to Just 52% of companies can …

Don't miss

Cybersecurity news